Algorand Multisignature Wallet

Pablo Yabo
Jul 24, 2019 · 5 min read

Overview

A multisig wallet is a very useful feature, enabling ways to transfer and manage funds involving multiple parties. For instance, the implementation of a vault type lock with a 2 of 2 wallets requires 2 separate private keys to move funds or more complex approval mechanisms such as 3 signatures of 5 signers requiring any 3 keys out of 5. Multisignature wallets are popular among exchanges as they use them to improve the general security. Likewise, big projects use this technology to manage treasury funds.

Multisig Wallet in Bitcoin

In Bitcoin, multisignature wallets are implemented at the protocol layer through a specific script opcode to verify signatures that must be used to spend the funds. When users want to create a multisig wallet, they need to set it up by specifying the list of addresses and the threshold (the number of signers to approve a transaction). This results in a special public address (distinguished by the ‘3’ at the start) and the redeem script. The address is used to receive funds and the redeem script to transfer them. The signatures required to spend funds are collected off-chain and then broadcasted thus composing the transaction.

Multisig Wallet in Ethereum

Concerning multisignature wallets, Ethereum has a completely different approach to Bitcoin. In Ethereum, the premise of a general-purpose blockchain is taken to the limits where you can create the equivalent of a multisig by writing the code as there is no core implementation for it. This approach prioritizes flexibility and allows for the collection of signatures on-chain. Any signer can realize that his or her signature is required by just monitoring the blockchain.

The problem of this approach comes with the added layers of potential security holes since the security depends on the smart contract implementation. After the 2 infamous hacks of Parity’s multisignature wallet, security concerns drastically increased. Since then, a larger percentage of the security community now believes that it is very hard to build a robust blockchain using the general-purpose approach without implementing key features at the core-level.

In addition to this, the costs of using multisig transactions on Ethereum are higher since it requires multiple expensive smart contract transactions. For example, a transaction requiring 2 signatures costs about 10x the cost of a single normal transaction (21,000 gas vs. about 200,000). There are some optimizations but these add more complexities and involves the collection of signatures off-chain ending up with a similar solution to Bitcoin implementation but with the complexities of a smart contract.

Multisig Account in Algorand

Algorand approach to multisigs differs slightly from Bitcoin’s. The multisignature account is created off-chain specifying the public keys and the threshold that make up the multisignature account. After the setup, users get a public address indistinguishable from any other address so, unlike bitcoin, no one can tell if the address is a multisig account. To send funds, the transaction must contain the number of signatures specified in the threshold field.

This implementation is not exposed to the security issues of Ethereum’s approach since it is part of the core. Algorand’s network capabilities and very low fees enable the exchange of signatures on-chain. One of the parties can create and sign a transaction and publish it on the blockchain. The other parties will see the transaction proposal and will apply the other signatures until the transaction reaches the threshold and it’s broadcasted. This type of usage adds Ethereum visibility but without the security issues that could arise on a smart contract. The implementation involves the creation of 2 multisig accounts for each one needed. The first account is the fund account and the other is used to exchange messages. The last multisig must have a threshold of 1 of N to allow any participant to send messages. Using this approach, the parties can know when their signature is required by simply watching the blockchain and paying negligible fees.

Check Algorand Multisig here for more information.

Algorand Multisig Account Example

We wrote several tools to help to interact with Algorand blockchain, you can download them from this repository. I use them on this example:

  1. Create a multisig account

2. Then, build a transaction with the multisig address as from and use a to that you control. In this example, I am using one of the addresses used for the multisig. In node-api-token you should use your token (located in algod.token file in the data dir), in node-url the URL of your node (mine is in localhost), and I am using mainnet for genesis-id and genesis-hash:

3. Sign transactions twice (2 of 3 multisig):

4. Broadcast transaction:

You can check the transaction here:

https://algoexplorer.io/tx/YECIDLIXGHIFNSUXJUWQYLQPUY6LHMS6NXNQDGMZWU56TS2XT7MA

Conclusion

Even though Algorand multisig is implemented on the core similar to Bitcoin, the almost instant transactions and insignificant fees allow developers to create an entirely different family of multisignature wallets and use cases. Additionally, when we take into account the very lightweight nodes, we can create signing devices running a node even in a Raspberry Pi. In the future, Algorand will add smart contract support enabling complex payment workflows without compromising the basic security functionalities.

At Randlabs.io we are leveraging this technology to build multisig accounts on Algorand Wallet with Ledger Nano support and much more. Make sure to keep posted! @pipaman

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store