With the increasing number of digital currencies, the need for storing any digital currency safe led to plenty of innovative ideas, one of them being — the Multisig Wallet. But, before discussing the generated idea, we must first be familiar from where it originates.

Introduction

Since its appearance in 2008, Bitcoin and other digital currencies have experienced accelerated growth in both the number of their transactions and also their corresponding value. As far as storage is concerned, digital currencies are stored in “addresses,” which are based on key pairs, including both public and private keys. So, with just a click, you can create any digital currency wallet and share the address publicly while retaining the private key with you. That seems secure, only if you are ‘not’ dealing with a digital currency which is worth 1 Million!

Regarding the addresses or the ‘key,’ anyone who knows the private key, which is in correspondence to the digital currency address can very quickly be responsible for the movement of the funds. The identity of the owner of the key is not necessary; the key becomes the identity itself and thereby the ultimate law. As the transactions are necessarily irreversible, the possession of the key being equivalent to law becomes a problem. This authorization then needs to be diluted and accurately corrected if one needs to avoid the critical issues resulting due to digital currency scams.

What are the Security Issues?

In the simplest form, the person possessing the digital currency wallet address is capable of spending his or her coins in any way. But, along with this possession accompanies the dilemma of keeping his private key secure from theft.

1.Irreversibility as a problem:

As Bitcoin and other digital currencies have gained more popularity along these years. On average, every Bitcoin user has been scammed or been tried upon by an unknown person. The decentralized nature of Blockchain is a backdrop here. It essentially makes that transaction, or any other transaction for that matter, irreversible.

2. The actual theft:

Not only this, no matter how much a person tries to store his wallet key securely, a single key means a single point of failure. The key can be tampered, can be stolen, attacked offline, and what not. Ironically, the already existing malware and hacking tools have been re-engineered by the popularity of digital currencies. In no time would they enter your computer system and steal what they need, the very securely kept — digital currency wallet address private key. In terms of the online space, this becomes a fundamental problem. Having a single key wallet poses absolute and obvious security risks. Which led to the storage of keys in actual physical vaults which came to be known as “cold storage” in the digital currency world. Although this solved a few security risks of storing private keys, it comes with its operational burden. If the Random Number Generator (RNG) fails to generate the key accurately; then your funds are again at risk. Therefore, offline storage again becomes a problem for digital currency users.

3. The ultimate loss:

The most obvious and significant problem of having a single key wallet is — what if you lose the key? No matter if it is an online or an offline wallet. Losing the key is simpler than actually using it. If you miss that key, your funds are locked, and there is no way that you are getting them back. Also, you cannot ask anyone to refund them because no one is regulating them except you.

What is the Solution?

According to the bitcoin wiki, “Multisignature (multisig) refers to requiring more than one key to authorize a Bitcoin transaction. It is generally used up to divide up responsibility for possession of Bitcoins. Standard transactions on the Bitcoin network could be called ‘single-signature transactions,’ because transfers require only one signature — from the owner of the private key associated with the Bitcoin address. However, the Bitcoin network supports much more complicated transactions that require the signatures of multiple people before processing payments. These are known as M-of-N transactions.”

Multisignature is a solution of all the above-mentioned security issues or problems that a single key holder faces while managing his or her digital assets. Multisig transactions were first introduced in 2012 but became widespread only in 2014. The first multisignature digital currency wallet was launched in August 2013 by BitGo.

In multisig transactions, for every wallet, the access is given to several users, unlike the digital currency wallets, wherein there is only one private and public key. For multisig wallets, there are more than one private key along with one public key which is shared. It is more secure in the sense that it requires the agreement of multiple parties to complete a transaction, thereby negating theft to an extent.

Most of the multi-signature setups usually involve three parties — the sender of the payment, the recipient, and an escrow agent. Each of these parties holds one private key, and to send any transaction at least two private keys must be required. Escrow agents specifically are one of the registered and trusted members of the digital currency community and are responsible for arbitrating any kind of disputes that may arise. A multisig wallet supports much more complicated transactions that require the confirmation of multiple people before processing the funds.

Some of the immediate advantages that can be gained from using multisig transactions are explained below. Firstly, we can eliminate single points of failure, by ensuring the keys of the wallet are generated an stored on entirely separate devices. For example, one key might generate on the user’s laptop and the other key on his or her phone. Which make it necessary to have both devices to transact. The malware which can infect the laptop becomes unable to steal any funds as it does not have the required key stored on the phone. But what happens if the user loses their phone? If a third key were kept in offline possession, thereby using a 2-of-3 scheme. Then the user will handle the situation of losing one of either device and yet manage to recover his or her funds using the remaining device in addition to the offline key. Third, we can begin to address the access control problem. Two people can construct a multi-sig wallet which requires both to transact, while a 3-person partnership can create a wallet which requires at least 2 of them to be in agreement.

Multisig transactions allow the creation of 2-of-3 escrow services. For example: if Joseph wants to pay Miranda, he makes a transaction to a multisignature address, which requires at least two signatures from the group “Joseph, Miranda and Bob” to redeem the money. If Joseph and Miranda disagree on who should get the money, they can appeal to Bob. Bob grants his signature to Joseph or Miranda, so one of them can redeem the funds.

The multisig scheme is also implemented in other non-bitcoin-based digital currencies. Usually, it replicates the same functionality via several distinct signatures. The final custody ultimately lies only with the blockchain, which is decentralized itself. Therefore, lawmakers and regulators will need to understand this new paradigm as they best determine how to adapt existing regulations and create new ones.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Wharf Street Strategies

Wharf Street Strategies

WSS is a dynamic technology company empowering start-ups and businesses across the world.