SDBS #33: Feeless Multi-Signature Transactions
Summary
Today’s blog post will discuss feeless multi-signature (multisig) transactions, as an example of the unique versatility available to Stealth’s feeless transaction mechanism.
— — — — — — —
What is a Feeless Transaction?
Briefly, feeless transactions are those where the amount sent is the same as the amount received, and, instead of fees, a user submits proof that his computer did a minimum of work. It is important to note that “feeless” is not the same as “free”. Feeless transactions have spam protection, while free transactions do not. Feeless transactions are helpful for accounting, and more importantly enable transacting with small amounts of money. I described feeless transactions in much greater detail in SDBS #31.
— — — — — — —
What Is a Multisig Account?
A multisig account is one that is sent to a subset of a group of addresses. For example, imagine you have a group of three different XST addresses that we’ll call A, B, and C. A user could make a 2-of-3 multisig account with these three addresses. In this case, all of the following combinations could make a spend from the 2-of-3 multisignature account: A+B, B+C, and A+C.
A single multisig address is associated with each multisig account, and takes the form of a “pay to script hash” (P2SH). P2SH addresses look like regular addresses, except they begin with a different first digit. On testnet, multisig addresses start with a “2”, while regular addresses start with “m” (mainnet regular XST addresses usually start with “S”).
For example, a couple of Stealth addresses from testnet are:
- mhbrJjyjXThn7xfp1NjUm5EAz1LBQM1dLT
- mn2JbRsAUXprEkPoDggym89uzi7MAkmbmi
In most cryptocurrencies, addresses are abbreviated versions of cryptographic public keys. For these two addresses, the associated public keys are, respectively:
- 02cd85238b5e7615ede6661ae2a8fb57f71d6bdc24b23ec1f91d5b0a7a37e56c7b
- 02dd3bd7efe1cb4aeb0531329c91dbc300ed48d36ed552b41503173621f1148f8b
We could combine these two public keys to make a multisig account, in this case a 1-of-2 multisig account where either party could spend money sent to the account. The 1-of-2 multisig address from the above two keys is:
- 2MxfkUWojAic6gPuFjW9fADTiLtJpnSZghd
Sending to this address is as simple as sending to a regular address. Done with the command line client (CLI), sending 20 XST to the address looks like:
- sendtoaddress 2MxfkUWojAic6gPuFjW9fADTiLtJpnSZghd 20
— — — — — — —
Why are Multisig Addresses Important?
Multisig addresses have a variety of uses, but the most critical uses have to do with security. The major security applications are (1) preventing unauthorized spending by approved signatories (2) preventing spending when keys are compromised, and (3) ensuring access of funds.
An example of the first use is when a company or institution holds a large balance, and unauthorized spending would require a conspiracy between multiple individuals. While conspiracies cannot be universally prevented, the barrier to create a conspiracy is difficult from a game theoretic perspective because defectors might have something to gain by turning the others in.
An example of the second application is when one of the signatories gets his keys stolen. The thief would not be able to send any funds without convincing a valid number of the other legitimate signatories to sign a transaction.
An example of the third application would be when a signatory dies and no one knows what his key was or how to recover it. Funds could still be sent from the multisig wallet by the other signatories, assuming an n-of-m multisignature account where n is less than m, which is a typical setup.
It is critical to understand that for cryptocurrency adoption, support for multisig accounts is paramount. Most laypeople cannot be expected to hold private keys securely, keep track of them, and remember how to use them in times of urgency or crisis. For this reason, many people (e.g. Coinbase customers) keep cryptocurrencies with trusted custodians. The custodians may have security standards and practices that use multisig accounts for the reasons I mentioned above.
— — — — — — —
The World’s First Feeless Multisig Transaction Round Trip
Today, as a proof of concept, I created the world’s first feeless (not “free”) multisig transaction. Then, I spent the money from the multisig account using a feeless transaction.
As noted in SDBS #31, the only other cryptocurrency with true feeless (spam resistant) transactions is Nano (and its clones). Steem (and its clones) also has a type of no-fee transaction, but the mechanism to prevent spam is somewhat different from proof-of-work.
Nano does not have multisig accounts, nor has any plans to introduce them. Steem and its clones also don’t have true multisig accounts in the sense that the sender cannot be guaranteed that the account will always have the same multi-signature properties — or will always be authorized by multi-signatures for that matter. In Steem it is possible to set multiple spending authorities for an account, to function similarly to a multisig account. However, these authorities can be changed at any time, potentially destroying the multisignature properties of the account.
— — — — — — —
How to Send Feeless Multisig Transactions on Stealth
For those interested in the process of using feeless transactions in combination with multisig accounts, I provide links below. The commands look complicated, but it is important to remember that these commands are generally used by computer programs that serve as interfaces to the underlying functionality.
I created these transactions by manually typing them out, but that is not how typical users would use them. For example, custodial parties would create their own workflow built from the basic commands represented here.
Links:
- Sending to an XST multisig address feelessly, and a listing of the associated transaction.
- Spending from a multisig account feelessly, and a listing of the associated transaction.
— — — — — — —
The Stealth Team
— — — — — — —
