Multisig stands for “multi-signature,” which is a specific type of digital signature and allows two or more users to sign documents as a group. Therefore, a multiple signature is produced by the combination of several unique signatures. Multisig technology has been integrated into the world of cryptocurrencies, but the principle existed long before the creation of Bitcoin.
In the context of cryptocurrencies, the technology was first applied to cryptocurrency addresses in 2012, which would ultimately lead to the creation of multi-sig wallets a year later. Multisig addresses can be used in different contexts, but most of the time they are used for security reasons. Here we will detail their use in the context of multi-signature wallets.
How does it work?
If we make a simple analogy, we can imagine a secure safe, with two locks and two keys. One key is kept by Alice and the other is kept by Bob. The only way for them to open the safe will be to use both of their keys at the same time, so that only one of them cannot open the safe without the consent of the other.
Basically, funds stored on a multi-signature address can only be accessed with 2 or more signatures. So, using a multisig wallet allows users to create an extra layer of security for their funds. But before we go any further, it's important to understand the basics of a standard Bitcoin address, which relies on a single key instead of multiple (single address).
Clé-simple Vs. Multisig
Typically, bitcoins are stored using a standard, single-key address, meaning that anyone with the corresponding private key can access the funds. This means that only one key is needed to sign transactions and anyone with the private key is able to transfer coins at will, without anyone's permission.
Although managing a single-key address is faster and simpler than a multisig address, it raises a number of issues, especially when it comes to security. By having a single key, funds are protected by a single possible point of failure. This is why cybercriminals are constantly developing new phishing techniques to try to steal cryptocurrency users' funds.
Additionally, single key addresses are not the best option for businesses dealing with cryptocurrencies. Imagine that the funds of a large company are stored on a traditional address, with a single corresponding private key. This would imply that the private key would be entrusted to a single person or to several individuals at a time - which is clearly not the most secure way to organize things.
Multisig wallets offer a potential solution to all these problems. Unlike unique keys, funds stored on a multisig address can only be moved if multiple signatures are provided (and which are generated via the use of different private keys).
Depending on how a multisig address is configured, a different key combination may be required: 2 of 3 is the most common, where 2 signatures are sufficient to access funds from a 3-sign address. However, there are many other variations, such as 2-on-2, 3-on-3, 3-on-4, etc.
There are a number of possible applications in technology. Here are some of the most common uses of multi-signature cryptocurrency wallets.
Improved security
By using a multisig wallet, users can avoid problems caused by the loss or theft of a private key. So even if one of the keys is compromised, the funds are still safe.
Let's say Alice creates a 2-of-3 multisig address and then stores each private key in a different location or device (e.g. mobile phone, laptop, and tablet). Even if their cell phone is stolen, the thief will not be able to access their funds using only 1 of the 3 keys. Likewise, phishing attacks and malware infections will be less likely to succeed because the hacker will most likely only have access to a single device and therefore a single key.
Aside from malicious attacks, if Alice loses one of her private keys, she can still access her funds using the other 2 keys.
Two-factor authentication (2FA)
By creating a multisig wallet requiring two keys, Alice can create a two-factor authentication mechanism to access her funds. For example, she might have one private key stored on her laptop and the other in her phone (or even on a piece of paper). This ensures that only someone with access to both keys can complete a transaction.
However, keep in mind that using multisig technology as a means of two-factor authentication can be dangerous, especially if it is defined as a 2-of-2 multisig address. If one of the keys is lost, you will not be able to access your funds. Therefore, it would be safer to use a 2-of-3 setup or a third-party 2FA (Two-factor authentication) service that offers backup codes. When it comes to trading accounts, it is highly recommended to use Google Authenticator on exchanges.
The escrow contract
Creating a 2-of-3 multisig wallet can also enable a so-called “escrow” agreement between two parties (Alice and Bob) including a third party (Charlie) who will step in as a trusted arbiter if anything goes wrong.
In such a scenario, Alice would first deposit the funds, which would be blocked (no user being able to access them on their own). Then, if Bob provides the goods or services as agreed, they can both use their keys to sign and finalize the transaction.
Charlie, the referee, would only need to intervene in the event of a dispute. He could then use his key to create a signature that would be provided to Alice or Bob, depending on his judgment.
Decision making
A board of directors can use a multisig wallet to control access to a company's funds. For example, by setting up a 4-of-6 wallet, where each board member holds a key, no board member will be able to misuse funds. Consequently, only decisions approved by the majority (4 out of 6 people) can be executed.
Disadvantages
Although multi-signature wallets are a good solution to many problems, it is important to keep in mind that it involves certain risks and limitations. Configuring your own multisig address requires a minimum of technical knowledge, especially if you do not want to use third-party providers.
Additionally, since blockchain and multisig addresses are both relatively new, it can be difficult to have any legal recourse if something goes wrong. There is no legal custodian for the funds that are deposited in a wallet shared with multiple key holders.
Conclusion
Despite some drawbacks, multisig wallets embody many interesting uses, making Bitcoin and other cryptocurrencies even more convenient and attractive, especially for businesses. By requiring more than one signature to transfer funds, multisig wallets provide enhanced security and escrow transactions that do not require a trusted third party. As such, the technology is therefore likely to see increasing use in the future.