Crypto-custodianship is a big topic in institutional circles nowadays, its mere mention sending hedge fund managers into a frenzy at the prospect of custodial solutions for their holdings. While the regulatory green light is a win for Wall Street firms preparing an entry, Bitcoin already has an incredibly powerful function baked into the protocol that makes such applications trivial: multisig.
Bitcoin’s non-Turing-complete scripting language provides little wiggle room when it comes to programmability (compared to a blockchain like Ethereum), but the use cases for multisignature transactions shouldn’t be underestimated.
A typical Bitcoin address is controlled by a private key — an alphanumeric string of letters and digits that allows the holder to spend the amount associated with it. If the private key key is known to any party, they are effectively in control of the funds.
It’s therefore critical that private keys should be kept secret in a secure manner (and not, say, on Evernote). Paper wallets (generated and printed offline) and hardware security modules (HSMs) are generally considered the safest options, as they keep private keys away from the plethora of attacks made possible by networked devices.
Worth noting, however, is that these are also a single point of failure. What happens if your seeds are found, or if you find yourself at the mercy of a torturer (the $5 wrench attack)? What if you die and your next-of-kin is unable to access your coins? If the nature of your transaction is such that you don’t want the irreversibility associated with Bitcoin transactions, how do you proceed without an omnipotent trusted third party (TTP)?
Enter multisig. The P2SH (pay-to-script-hash) format was introduced in BIP16, back in 2012, allowing individuals to send coins to a script with specific spending conditions, as opposed to a regular address. This is what makes it possible to craft an address that requires more than one private key to spend funds.
Multisig addresses are commonly referred to as m-of-n transactions, where n is the total number of keys that are capable of signing, and m is the amount required to spend.
For instance, a 1-of-2 transaction would only allow two keys to spend, but either party could separately authorise a transaction. Similarly, a 3-of-5 setup would require three signers out of a possible five to transact.
Right off the bat, there are a number of benefits one can see to adopting the multisig offering, both for individuals and businesses looking for better governance or security. Below, we’ll explore some applications.
Secure Cold Storage
Most use Ledgers and Trezors to secure their wealth. Of course, mnemonic seeds must be backed up, and should someone decide to remove your fingernails until you grant them access, chances are you’re going to comply.
It’s very simple to set up multisig with a myriad of hardware wallets and Electrum (Saleem Rashid did a great writeup) Using a handful of different devices overcomes vulnerabilities that a single one may have, and also makes it safer not to back up mnemonics — a 3-of-5 setup (much like Casa offers), combined with geographic distribution of the various devices used, ensures that transactions cannot be executed, even under duress, unless two other co-signers action it. Keys can either be given to friends/family members/other custodians, or kept spread out by the individual themselves (banks/vaults/Tupperware containers buried in their backyard).
Transaction finality is considered the greatest strength of Bitcoin by most, but critics are quick to point out that, for merchants and consumers, Bitcoin’s lack of support for chargebacks could be exploited by fraudulent parties. This is certainly true, but multisig can be leveraged to create an efficient escrow mechanism.
If a person A wishes to purchase goods from a person B, but doesn’t trust that the goods will show up or be as advertised, a third person C can be looped in to act as an arbitrator. The requisite coins are locked up in a 2-of-3 address, with each party possessing a key. If all goes smoothly, persons A and B can unlock the funds. In case of a dispute, person C can investigate, and co-sign with either A or B to release the funds to the wronged party.
Businesses dealing in cryptocurrency, without multisig, entrust a single treasurer (or worse, a handful of them) with private keys. This works well, until it doesn’t — millions may be accidentally sent to the wrong address, the holder could be robbed or simply decide to make off with the money. In such cases, multisig addresses can be put in place so that multiple executives would be required to sign off on the transfer of funds. Scaling this infrastructure up could be the way to go insofar as Decentralised Autonomous Organisations (DAOs) are concerned — it’s not hard to imagine how a non-profit might pool donations in an address that requires the majority of signatories to decide on its allocation.
Clearly, the multisig function is a critical extension to Bitcoin’s self-sovereignty, harnessing cryptographic techniques to accommodate a wealth of use cases where a degree of distribution of control, enhanced security, or oversight in trade is necessary. In the age of cyberspace-native wealth, multisig is a simple yet robust smart contract that allows for a new understanding of custodianship over digital money.
Cover photo modified from Pexels.