Multisignature Wallets Can Keep Your Coins Safer (If You Use Them Right)

Multisignature wallets are cryptocurrency wallets that require two or more private keys to sign and send a transaction.

AccessTimeIconNov 10, 2020 at 9:17 p.m. UTC
Updated Feb 9, 2023 at 1:17 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

In traditional business, "key person risk" refers to when a company relies too much on one individual to succeed.

Cryptocurrency businesses are prone to a very literal version of this risk when handling funds. The most infamous example may be QuadrigaCX, whose customers have been waiting nearly three years to recoup $115 million worth of deposits since the death of founder Gerald Cotten, the sole possessor of the cryptographic keys to the exchange's wallet.

Fortunately, multisignature cryptocurrency wallets offer a built-in way to manage this sort of risk.

Multisignature wallets (or multisig, for short), are cryptocurrency wallets that require two or more private keys to sign and send a transaction. The storage method requires multiple cryptographic signatures (a private key’s unique fingerprint) to access the wallet.

Of course, multisig is not a panacea, as customers of OKEx learned in October 2020, when the exchange suspended withdrawals, explaining (somewhat cryptically) that one of its key holders was cooperating with an investigation and had fallen "out of touch." Without that key holder's authorization, OKEx was unable to give customers their money back.

But properly used, multisig can mitigate the hazards of dealing with digital bearer assets where transactions are irreversible.

What follows is an explainer of how mutisig works, why someone might want to use it, how it can go awry, and more.

How does a multisignature crypto wallet work?

Imagine a bank vault that requires more than one key to open: That’s a little how multisignature cryptocurrency wallets work (and why multisignature wallets are typically called vaults).

You can choose how many keys are allowed to open the vault as well as the minimum number of keys needed to unlock it (e.g., you could have a 2-of-3 multisig where two out of three assigned private keys are needed, 3-of-5, 5-of-7, etc.).

Justin, Vittie and Craig each hold one of the three keys needed to unlock the multisig wallet.
Justin, Vittie and Craig each hold one of the three keys needed to unlock the multisig wallet.

It works like this: Justin, Vittie and Craig set up a multisignature crypto wallet where each holds one key and two of the three keys must be present to send a transaction. To make a payment, Justin would create a transaction and sign it with his key; he would then send this transaction to Vittie, who would sign it with her key. From here, Vittie can either send it back to Justin to finalize the transaction or send it to Craig for him to sign, too (though this last step is not necessary, considering only two of the three keys are needed to unlock the wallet).

Typically, hardware wallets (namely, Trezor, Coldcard and Ledger) are the go-to option for using a multisig setup because they are the safest way to store a private key. Once these wallets are combined into a multisig setup, they create an entirely new multisignature address that is independent of each individual hardware wallet.

When would someone use a multisignature crypto wallet?

For retail investors, multisignature wallets are commonly used to secure bitcoin, but you can also use them for ether and other cryptocurrencies.

Most notably, crypto exchanges, brokers/OTCs, investment funds and other crypto companies use multisignature storage to secure their cold storage funds. Exchanges, brokers and the like distribute admin keys for their funds in order to distribute the risk; if hackers want access to their reserves, they’re going to need several keys to do so. Similarly, multisig ensures no one person in the firm is able to unilaterally withdraw funds from the account. The more signatures you need to execute a transaction, the more distributed the decision-making process can be.

Other specific use cases may involve setting up a shared account among family members (for, e.g., a trust or estate) or an escrow account (for, e.g., a bet or a sale of property). Relatively speaking, multisig is still a niche custody practice among cryptocurrency holders. Still, that doesn’t mean your typical crypto user doesn’t use it to custody their coins.

When multisig goes wrong

Multisig provides an extra layer of protection for cryptocurrencies holdings, but it’s not without risks.

For Bitcoin, multisignature wallet software has come a long way since the early days of Electrum (one of the earliest Bitcoin software wallets, which was also one of the first to support multisig), but it’s still a complex process for less technically savvy users. The Taproot upgrade, which enriched Bitcoin’s scripting language to make coding smart contracts easier, improved consumer-grade multisig software.

Each single-signature wallet has an associated seed phrase that allows users to back up and recover their wallets. A multisig wallet, however, does not have this backup mechanism; this is part of its design. So if you lose the majority of wallets in a multisig and the seed phrases for these wallets, then you lose access to the whole vault (of course, the same could be said for losing the device and seed phrase for a single-signature wallet).

Should I use multisig?

Multisignature proponents argue that multisignature is the most secure and fail-proof way to store cryptocurrency. Even if a thief gets his hands on one of your wallets, for example, they still won’t be able to access your account without the keys to the other wallets in the setup.

Still, there are others who argue the multisignature user experience is not simplified enough for average users, so only those who really know what they’re doing should bother with it.

How do I set up a multisignature wallet?

Historically, multisignature wallets have been the domain of developers or hardcore Bitcoiners because they are difficult to set up from scratch. Luckily, today’s tenderfoot multisignature users have it easier than the trailblazers of yesteryear. Nowadays, there are wallet softwares that streamline the multisig setup process, as well as services that provide customer support and key management services. (For instance, if an unwitting client loses a hardware wallet to the ether, the service has a key as backup.)

For Bitcoin custody specifically, some popular multisig service providers with key management services include Blockstream, Casa and Unchained Capital. Other open-source, do-it-yourself multisig software includes Caravan, Electrum, Lily, Nunchuk and Specter, among others.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Colin Harper

Colin is a former CoinDesk tech reporter. He is now the Head of Research and Content at Luxor Technologies, and also freelances for CoinDesk, Forbes and Bitcoin Magazine." He holds bitcoin.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.