Multisig: that technology that everyone is talking about on Bitcoin forums. It sounds cool, makes wallets more secure, allows for more corporate use cases, makes trustless escrow/arbitration possible, and generally solves lots of problems. But really, what is it and how do I use it?
Let’s dig down and get dirty: how do Bitcoin wallets work? For the sake of this article and without getting too complicated, you can say that Bitcoins aren’t actually moved between addresses, but rather they always just sit in an invisible vault. Also, iinstead of sending them, you actually just change the locks.
For example, when Alice makes a simple, normal Bitcoin transaction to Bob, she’s actually just removing her lock from the vault with her key, and putting Bob’s lock on it (which Bob can later remove with his key and so on).
If you read my article on PGP (specifically the part about asymmetric cryptography), this might make more sense: the lock is the public key, and the key is the private key. Everyone has a copy of Bob’s lock, so they can encrypt anything they want for him. Or, in this case, lock Bitcoins for him, and only Bob can unlock them with his private key.
So far, it’s pretty simple. It starts getting really cool when you think about more complicated locks. See, Bitcoin has a scripting language built in that allows you to design all kinds of locks. You can make locks that aren’t locked, so anyone can open the vault without a key. Or a lock that only locks after a certain amount of money is put in (so you can crowdsource Bitcoins). Or a lock that cannot be unlocked before a certain amount of blocks are found (say, for instance, when your child reaches age 20).
Enter multisig (short for multi-signature), a lock that only opens with enough keys, out of a set of predefined keys. Let’s say that Alice, Bob and Charlie all want to open a business together and invest some of their money. But none of them actually want only one person to have the private keys to this money. So they each get one key and use a multisig wallet that requires two out of three of those keys. This way none of them can run away with the money alone, but they also don’t need all three of them to pay an expense. For example, if Alice wants to run with the money, she can’t because she only has one key. But if Bob is missing and Alice and Charlie want to pay an expense, they can do it with their two keys (out of the three).
Multisig doesn’t have to be two out of three – it can be almost any combination. Let’s think of a few combinations and some examples of how to use them.
- 1 of 2: A couple wants to have a shared account and they trust each other. They both share the same money while using their own separate wallet.
- 2 of 2: Two-factor authentication for you money. You keep one key on your computer and another key on your phone. Whenever you want to spend money, you have to use both.
- 2 of 3: Trustless arbitration/escrow. Someone wants to buy a product from a stranger on the internet, but cannot trust him. The buyer and seller agree on an arbitrator who will help them in case of a dispute. They each get one key out of three, and the buyer sends the money to a two of three address between the three of them. If the product is delivered and there are no issues, the buyer and seller can use their two keys to release the money to the seller. If there is a dispute, the arbitrator help the buyer to get a refund or help the seller to release the funds. For instance, Bitrated.
- 2 of 3: Safer paper wallets. Instead of having one key with access to all your money, why not make it two? The third key is a backup in case you lose one of the other two. For example, keep one key on your phone, another key where you would keep your paper wallet, and a third key with a trusted family member.
- 4 of 7: Company board of directors. Suppose a corporation has a board of directors who wish to own the control of the corporation’s reserves, instead of trusting their executive management to handle all their money. The board of directors can decide that a majority vote (four out of seven) should be enough to delegate funds to executive management.
All of these examples would traditionally require a financial institution or third party to mediate, but with Bitcoin, it is all programmed directly into the payment and secured by the Bitcoin network. This is why I personally find multisig technology to be some of the most impressive working concepts that exist in Bitcoin today.
Getting started with multisig: A full step-by-step picture guide
Bitpay has made a multisig wallet called Copay that in my opinion is the best currently available on the market. It is open source and free, and runs on any computer/phone (it even looks the same on my phone and computer). I’ll show you how I create a simple two of three wallet: one key for Alice on her phone; one key for Bob on his computer and one key for Charlie on his computer. You can translate this to any sort of combination with whoever you wish.
This is what the wallet looks like when you open it for the first time. This is just a regular Bitcoin wallet. On the top left you’ll find a button to show your list of wallets, which currently only shows your personal wallet. After clicking “add wallet” Bob will be given an option to create a new shared wallet or join a shared wallet. “Shared wallet” is the name they give for “multisig wallet”.
After clicking “shared wallet” Bob will fill in the info. The wallet name helps you recognize the wallet in your list of wallets, the nickname helps others sharing the wallet to recognize you. The number of copayers is the number of people who share the wallet, and the number of signatures is simply how many people need to approve a transaction. In this case we’re making a 2-of-3 multisig wallet. After Bob creates the new wallet, he shares the invitation with Alice and Charlie (by either letting them scan the barcode or copy-paste the long string of letters below the QR code). On the other end, Alice and Charlie will paste the invitation string. The square button to the right allows Alice (who is on her phone) to scan the QR code.
Now that everyone joined with the invitation, Alice Bob and Charlie will see the new wallet in their wallet list. Before they start putting money in their wallet, they should first make a backup. Each person needs to make their own backup! It is probably a good idea to set a password for the backup, a strong and memorable password.
After making a backup, the wallet can receive Bitcoin payments like any other wallet. Notice that multisig Bitcoin addresses begin with the number 3 instead of the number 1. Alice Bob and Charlie added a bit of money to the wallet. Now they can start making expenses. Making transactions in a multisig wallet looks exactly like any other Bitcoin wallet. The square button on the top right allows Alice (who is on her phone) to scan QR codes. Bob added a note to let Alice and Charlie understand what the transaction is before approving it.
Bob clicks send and now the transaction needs one more signature (Bob’s signature alone is not enough for a 2-of-3). Bob can look at his transaction and see its status. Notice at the bottom that only Bob signed it (and has a green check next to his name). He’s still waiting for one more signature. If someone would reject a proposal, you would see it here with a red X. Alice (and Charlie) sees a transaction proposal on her home screen, as well as a notification icon at the bottom to let her know that she has pending transactions to approve.
Alice (and Charlie) can see the status of the transaction just like Bob, and can accept or reject it. Alice clicks “accept”. Viola! Two signatures out of three – that’s enough and the payment is sent! The balance updates of course.
We can see the transaction in the history tab.
- Always have backups! It is extremely important just like with any Bitcoin wallet.
- Don’t require all keys (2 of 2 / 3 of 3 / 4 of 4 / etc.). If you lose one of the keys, you lose the money! If you have two of three or three of four, you can still recover your money if you lose a key (better than regular Bitcoin wallets). In this case, we’re doing two of two only as a simple example.
- You cannot make a wallet with an infinite amount of keys, there are some technical limitations, and Copay specifically doesn’t let you make more than four of six.
- Latest Posts