Multi-Sig Wallets
This article will focus on Bitcoin wallets, particularly the concept of Multi-Signature wallets, compared to traditional single-key setup.
To understand Multisig, it’s important to know how a Bitcoin transaction works. When you want to spend Bitcoin, a transaction is created and signed with the related private key, which is a task generally managed by your wallet. By signing a transaction, you confirm that you have the key for these coins, you are the owner of the funds, and you approve this transaction.
After the transaction is signed, it is shared with the network, and the coins are transferred to the recipient’s Bitcoin address.
So, what is a Multisig wallet?
The term Multisig is short for Multi-Signature. It’s a type of digital signature that involves several unique signatures, allowing two or more participants to sign a document collectively. This feature is often used to distribute responsibility and to mitigate the risk associated with having one person control all the funds.
It’s important to note that Multisig is not a concept exclusive to cryptocurrency. This practice has been in use in traditional banking systems as a security measure.
For instance, think about a bank locker where both the banker and you have keys. The locker can only be opened when both keys are used together.
Similarly, that’s how a Multisig Bitcoin or cryptocurrency wallet operates. The key difference is that a bank locker needs multiple physical keys to unlock, while Multisig wallets require multiple digital signatures to authorize a Bitcoin transaction. So, instead of physical keys, you have digital ones in the case of Multisig wallets.
Multisig Bitcoin Wallets
As implied by its name, a Multisig Bitcoin wallet needs two or more signatures to approve a Bitcoin transaction.
This type of wallet demands two or more private keys to sign and initiate a transaction. While this setup can add an extra layer of security to your personal wallet, its true usefulness is managing shared accounts.
In such cases, users can share the responsibility of controlling Bitcoins.
Multi-sig vs Single-sig Wallets
A single-signature Bitcoin wallet is a basic setup that requires only one signature to authorize a transaction.
When it comes to a single-key address, only the individual who has the private key to that specific address can access the funds. They are the only ones who can sign the transaction, and they don’t need approval from anyone else to transfer coins.
With a single-key address, your coins are only as secure as a single point of failure.
- If you lose your backup, you risk losing your coins.
- If someone else gains access to your private keys, your funds could be irretrievably lost.
Thats the reason the single-key approach isn’t typically suitable for businesses dealing with Bitcoin and other cryptocurrencies.
This is where Multisig wallets come in, providing a solution for these risks.
By keeping Bitcoins in a Multisig address, the coins can only be transferred if multiple cryptographic signatures are provided, each generated through different corresponding private keys. Since more than one signature is needed to access the wallet, Multisig setups offer an increased level of security.
Example;
Imagine you have 1 BTC stored in an address in your wallet.
Each Bitcoin address comes with a corresponding private key.
The rule is simple:
- If you possess the private key to that specific address holding 1 BTC, you have the power to spend that money.
This is the principle behind single-signature or single-sig wallets.
However, there’s a downside. If cybercriminals, somehow gain access to your private keys or seed phrase, they can easily steal your funds. This problem can be significantly mitigated if you store coins using Multi-Signature technology.
Multi-Signature can greatly enhance the security of your digital assets. Given that it demands more than one key, an attacker who gains access to one of your wallet keys still can’t steal your funds.
Beyond benefiting individual users, Multisig also boosts wallet security for businesses.
It’s frequently used by cryptocurrency exchanges to ensure that coins cannot be moved by a dishonest employee. Given that it requires two or more signatories to authorize a transaction and send funds from the wallet, it supports <trustless> transactions.
Multisig can also be helpful with the key person risk.
For instance, in 2020, the exchange OKEx had to suspend crypto withdrawals when the key holder who could authorize transactions, lost contact with the exchange. Without their authorization, no withdrawals could be processed, resulting in customer funds being temporarily locked in the exchange. In such situations, Multisig can offer a safeguard.
How does it work?
Standard Bitcoin network transactions typically require only a single signature. This means the individual who possesses the private key to a specific Bitcoin address can transfer the funds. However, multisig transactions demand multiple signatures from users before the coins can be transferred.
In essence, all Multisig wallets need m-of-n signatures. The person configuring the Multisig wallet sets the total number of keys and the required threshold to spend the coins. There are many combinations available, ranging from 1-of-2, 2-of-2, 3-of-5, to 5-of-8, and so forth. 1-of-1, for example, defines a single-signature wallet.
Let’s create a simple scenario:
You, Alice, and Bob want to start a business. To ensure financial transparency and security, you decide to set up a 2-of-3 Multisig Bitcoin wallet, where each of you is presented with a unique set of keys.
To authorize any transaction, at least two of you must use your keys. This setup allows all three of you to view the funds and transactions, but to send coins out, any two must authorize and sign. And since the transaction proposals don’t expire, there’s no time limit.
The Complexity and Risks of Multisig
While Multisig offers an additional layer of protection for your cryptocurrency assets, it isn’t flawless. Every type of wallet, be it mobile, desktop, paper, custodial, or even hardware wallets, has its own vulnerabilities. The added complexity of Multisig over single-sig also introduces its own set of risks.
A single signature wallet usually comes with an associated seed phrase, which allows users to backup and recover their entire wallet.
However, there is no such comprehensive backup mechanism in Multisig setups. Each participant, or copayer, must independently backup their own wallet’s seed phrase.
Any participant lose access to their wallet or backup, it results in a loss of access to the collective vault for everyone.
For example, a 2-of-3 setup, where two signatures are needed to authorize a transaction. Each copayer manages their own wallet, and each copayer’s backup includes the extended public keys (XPUBs) of all other copayers, as well as details like the derivation path, threshold, and script type used in setting up the Multisig wallet. Should one cosigner lose their backup, the Multisig wallet cannot technically be recovered. The remaining cosigners must immediately move the coins to a secure location.
A more severe situation arises in a 2–2 setup, where one cosigner loses access to their wallet and doesn’t have their recovery phrase.
Regrettably, in this case, recovering coins from the wallet is impossible, underscoring why one should never set a high threshold needed for spending coins.
Despite the progress of Multisig, it still possesses complexities and is not advised for users with limited technical knowledge.
“Should I use a Multisig Wallet?”
Well, while multisig wallets offer enhanced security through the requirement of multiple signatures, they come with their own set of challenges.
The risks discussed, the complexity of recovery processes, the lack of user-friendly applications for individual users, and the slower transaction speed make me skeptical of their suitability for individual use.
But make no mistake; having control over your own wallet is better than the alternative.
You know what they say;
