Basics of Crypto Security
This is still a standard of convenience of Multisignature today.
Multisig wallets are widely used. What are they, why are they important, and what are the pitfalls?
July 01 2021
Some crypto wallets offer Multisignature transactions (aka "Multisig"), which require multiple private key signatures in order to spend cryptocurrency.
Because Multisig decentralizes spending authorization among multiple signers, it provides protection against having a single point of failure in the event of loss of control of a crypto wallet.
Multisig wallets also allow organizations to construct complex spending rules involving multiple parties.
Multisig has some potential pitfalls due to its inherently more-complicated design.
As Mutisig is not a common or widely used approach, it remains incompatible between different cryptocurrencies e.g. ETH and BTC
Each participant in a Multisig setup must maintain careful key and wallet management habits.
Backups are a challenge. Use a product like Vault12 to ensure you always have a secure, distributed backup.
What is Multisig?
Multisig is an approach implemented by cryptocurrency wallets such as Electrum and BlueWallet wherein two or more separate private keys are needed in order to sign and send spending transactions. This requirement for multiple signatures reduces the chances of fraudulent spending and lowers the risk of a single point of failure (SPOF).
Some practical use cases for Multisig include:
- Increased security for cold storage of personal funds.
- Business accounts where the CEO, CFO, and a Board member all can provide signatures for a transfer.
- Complexity and convenience - you have to control multiple devices. Even Bitcoin-specific hardware and software multisig wallets can be way too complicated for users.
- A backup strategy for all wallet keys is a must, along with regular co-signer keys health checks. Unfortunately, there is no reasonable UX or process automation provided to accomplish this.
- An individual and separate setup/protocol are needed for each cryptocurrency: e.g., you need independent multisig setups for Bitcoin & Ethereum.
Some private companies offer subscription services to help users, and especially companies, manage multisig wallets and keys in such a way that the crypto owner still retains control over a majority of the private keys.
Imagining Multisig as multiple keys to a vault
Imagine that you have a vault that you keep under lock and key, and that only you have the key. Things are good as long as you don't lose the key, it's not stolen from you, and you remain competent and available. But if you lose the key, or you can't get to the vault yourself, suddenly your money is no longer accessible to you, your family, or trusted agents. To prevent potential loss of access, you might look for a way to give more people access to your vault.
You might be tempted to distribute several vault keys among your closest friends and family. But you should be rightfully wary of giving them copies of the same key that would allow one of them to open the vault themselves.
These risks of key loss, theft and your own availability are the same whether your vault is physical or cryptocurrency - but the keys to a crypto vault are digital, which allows much more flexibility in key distribution. With a digital vault, you can choose to have the lock open only with multiple collaborating keyholders. For example, access could be granted if any 3 out of a pool of 5 keys are used to unlock it.
This is how crypto Multisignature transactions work. With Multisig transactions, the virtual "lock" on an address containing crypto will open only after it is authorized by a pre-set number of private keys. From a technical perspective, this digital lock works by way of a programmable spending policy that is attached to the blockchain address holding the crypto assets.
Multisig: Multiple locks, multiple keys
Multisig for business
Organizations generally do not want to place one person in charge of a large amount of cryptocurrency. (Companies sometimes require multiple approvals for anything more than petty cash!) Organizations often have policies requiring separation of duties or consensus between multiple stakeholders. Some Multisig implementations offer sophisticated spending rules, like allowing crypto to be spent if 3 of 5 regular keyholders provide a private key signature, plus 1 of 2 hierarchically superior keyholders. Institutions also want ways to retract keys when staff leave, and ways to temporarily delegate signing authority. Multisig configurations can conform to such organizational expectations, and organizations can accommodate the additional time and complexity needed for setting it up.
MultiSig for individuals
Some individuals are also attracted to the idea of setting up multisig crypto addresses. They might envision collaborating with a friend or relative to approve spend transactions, or manually controlling each of the approving wallets themselves, distributing them in different locations or just on different devices in order to guard against loss of funds in the event that they lose control of one wallet. This can protect individuals from one form of single point of failure risk (the loss of control of one of the co-signer wallets), just like businesses can achieve. To achieve this, some advanced crypto users set themselves up with a collection of wallets and a means of backup and regularly following the manual procedure of checking the status of wallets and backups.
How does MultiSig work in real life?
Let's explore a typical example of configuring a Multisig wallet to protect your cryptocurrency:
- Initiate the process of setting up a Multisig crypto wallet address using a multisig-capable wallet on a desktop computer. Choose a multisig vault that requires 2 out of 3 signatures.
- Obtain and set up a Hardware wallet with key #1 (if using a subscription service, this would not normally be included with the subscription price).
- Obtain another hardware wallet with key #2 (if using a subscription service, this would not normally be included with the subscription price). (Alternatively, install key #2 in a mobile app wallet.)
- To use a Laptop / desktop computer to sign transactions with hardware wallets, you might need multiple desktop computers, if you are also using desktop crypto wallets, and are following recommendations to store all keys geographically separated in different locations.
- Set up Recovery key #3, which might be stored with a wallet vendor's service.
- Back up all of the public and private keys for all of the devices. (If different people are in control of different signing wallets, this would require coordination such that all of the public keys are stored together, but the private keys stored independently.)
- If using a multisig vendor service, there may be a set of key recovery steps that rely on identifying factors such as answering secret questions. These security mechanisms could have their own flaws, for example, some secret questions may be fixed by the service, and based on users' biography details that may not be perfectly secret - not good security practice.
Actual steps in using Multisig once you have set it up are often something like this, where each step is necessary:
- Initiate a transaction from a mobile app wallet on a smartphone. App requests signature using key #1 (hardware wallet #1) and sends an e-mail to the user address with the link to the transaction signature page.
- User switches from smartphone to their desktop computer. Next, they open the email client and click on the link. Next, they open the desktop wallet software for hardware wallet #1.
- User switches to hardware wallet #1, unlocking it with its PIN and potentially connecting it to a desktop computer. Next, they sign the transaction with key #1.
- User switches back to the mobile app wallet on their smartphone. Then they check if the wallet app sees the first signature and if yes, initiates the second signature. Next, the App requests signature by key #2 (hardware wallet #2) and sends an e-mail to the user address with the link to that transaction signature page.
- User switches to the computer (or moves to another location if keys are stored separately). Next, they open the email client and open the link. Then they open the desktop wallet software for hardware wallet #2.
- User switches to hardware wallet #2, unlocking it with its PIN and potentially connecting it to a desktop computer. Next, the User signs the transaction with key #2.
- User switches back to the mobile app wallet on their smartphone. They check to see if the if app sees the 2nd signature, and whether the transaction confirmation is posted to the network.
This is still a standard of convenience of Multisignature today.
Multisig was created to solve the huge problem of derisking "single point of failure" and making Bitcoin available for enterprises when it first started to become popular (in 2013 by BitGo), and is basically a transition technology.
With the advent of new crypto users and especially the next 100 million to join the crypto movement, Multisig has become a complex and inconvenient method to practically reduce the risk for personal use.
Fortunately, technology evolves, and there are now solutions that can make Multisig usable even for less mature users who educate themselves before jumping in.
This privacy issue is going to change with Taproot network upgrade activation that takes place in November 2021, but full support with wallet software rollout for general users might take more time.
Read on to understand why additional approaches are needed.
Pitfalls of Multisig
- Complexity and convenience - for one person to retain control over their own crypto funds in a Multisig setup, they have to solely control multiple devices. Even Bitcoin-only Multisig wallets can be way too complicated for individual users.
- A backup strategy is a must! A failure in key backup strategy can lead to complete loss of funds.
- Multisig implementation is different for every cryptocurrency.
Pitfalls of Multisig: Privacy
A Bitcoin multisignature address appears differently to those who examine Bitcoin transactions using a blockchain explorer tool. For this reason, the use of Bitcoin Multisig does not now offer complete privacy of transaction. (This does not imply that any observer can know who conducted which Multisig transaction ... but such transactions can be identified as being different from "regular" spend transactions.)
Pitfalls of Multisig: Backups
Although the risk of single-point-of-failure loss is reduced in the event that one wallet is lost or hacked, Multisig's potential for higher security can easily lead to a false sense of confidence and a loss of funds if backups are not correctly performed and maintained. To release the lock on crypto funds that are protected by Multisig, not just the requisite number of private key signatures is needed, but also public keys from all potential signers. The public keys are needed in order to provide the "terms for spending," as explained by a wallet developer in this discussion.
In a nutshell, all private keys need to be backed up and should be individually restorable by the person who controls those wallets. Additionally, the full set of public keys associated with all signers in the entire Multisig pool need to be backed up. (Because public keys are more sharable than private keys, the public keys could all be backed up together in a single limited-access place such as Vault12.)
For an individual user with a multi-device multisig setup, Vault12 can be used to easily back up ALL private and public keys. The Vault12 solution splits and safely stores keys in a geographically distributed, privacy-minded manner. This approach offers redundancy without sacrificing security.
Pitfalls of Multisig: Private key management
Just like key management requirements for a single crypto wallet with one seed phrase, if you use Multisig, now each of the potential signing wallets in the Multisig pool has to have its private key (or seed phrase) backed up with the same level of care. If you set up a fairly simple "2 of 3" Multisig crypto address to share the responsibility of authorizing crypto spending with two family members, now all three of you would need to learn how to generate, secure, and back up their wallet's seed phrase - and you would need to trust them to be responsible to protect that backup over time.
In other words, even if you set up Multisig among a collection of approving people or wallets, and you take perfect care of your own private key and all of the devices' public keys, but somehow more private keys are lost than the required number of co-signers, you would lose access to your crypto. (The blockchain network doesn't care if it wasn't your fault!)
Pitfalls of Multisig: Incompatible setup/protocols for each cryptocurrency
Independent multisig setups are necessary for Bitcoin and Ethereum because the technical mechanisms of locking and unlocking the blockchain addresses are different.
The Bitcoin community has implemented Multisignature on the native protocol level as a specific type of transaction and has dedicated the Bitcoin Script opcode OP_CHECKMULTISIG, which offers network-wide security design consensus. But supporting wallet software still should be a reputable and peer-reviewed implementation.
Ethereum on the other hand does not implement a Multisig on the native protocol level because it can be implemented on the higher smart contract level. So Ethereum MultiSig solutions take the form of various Smart Contracts provided by independent 3rd-party developers based on their own beliefs and security consensus. It could be a challenge for developers to get enough peer review to establish a security reputation for each - that normally takes years.
It is common for Multisig wallet vendors to concentrate on only one cryptocurrency due to the facts above.
How to make Multisig usable?
In Security, if something is not simple, it becomes less secure, since outcomes rely on human factors, and are subject to user failure.
Here is a better and easier solution to individual user crypto security. It is just easier to:
- Keep your seed phrase secured by Vault12.
- Monitor your crypto balance and receive transactions with a watch-only wallet or by using Address Explorer and XPUB.
- Have a dedicated, cheap iPhone with a secure enclave for spend transactions.
Whenever you need to sign a transaction:
- Stay in a secure environment (obviously).
- Unlock your seed with Vault12.
- Copy it into a freshly installed trusted wallet of your choice on a dedicated iPhone.
- Sign the transaction.
- Delete the wallet.
No hassle, no multitudes of protocols and devices to control or mess up with - and an even lower risk of failure as a result. Vault 12 also offers the added advantage of a similar experience for any cryptocurrency.
How to backup Multisig?
As described above, you can use Vault12 to perform key backups for Multisig the same way that you rely on it to back up resources for regular crypto wallets.
But you need to keep in mind:
- If there are other people in control of some of the devices that are potential signers for your Multisig transactions, their private keys need to be backed up (by them!) as well as the private keys for your own wallet(s).
- You need to ensure that the public keys for all potential signers' wallets are backed up as well as everyone's private keys.
As soon as you give Multisig a try, you can upgrade your experience by using Vault12 to perform key backups and gain a higher level of convenience without sacrificing security for your Multisig cold storage.
Compared to the manual multisig backup approach where you would have to rely on every co-signers careful key management and backup, along with checking key health status or control multiple devices yourself, with Vault12 you can significantly benefit from creating a backup of all your keys at once. Vault12 is a distributed backup, so it wouldn't create a single point of failure and it has implemented automation of backup health status. This way you are both getting a higher level of redundancy and convenience without sacrificing any security. Effectively it is more convenient and secure.
Do not forget that you need to backup all public and all private keys to recover your multisig wallet, whether you are going to distribute and control that manually or go on with automated Vault12 security procedures. Check for the exact instructions of what to backup with your multisig wallet support site.
Recovery from Vault12
If you do choose to use Multisig wallets, and you want to recover your backup to restore a wallet, some Multisig public keys, or any digital asset that you have stored in your Digital Vault, it is a simple process. Just initiate a request from the Vault12 app and rely on your choice of trusted Guardians!
Then follow the recovery instructions of your multisig wallet. (If you are struggling to find it, try searching for the wallet name and a direct link to recovery instructions here: https://github.com/nvk/wallets-recovery - this is a public database updated by wallet developers and supported by the ColdCard founder).
Is Multisig right for you?
Whether you should learn how to perform Multisig transactions depends on your individual needs, and your appetite for more complicated steps. There is no right blend of security and complexity that works for everyone, and there is a learning curve for using Multisig. Don't push past the comfort zone of your knowledge to a point where you might make mistakes.
Using Multisig for crypto transactions extends the power of approving transactions - and it extends the responsibilities. Maybe that is not a problem for you; maybe you, and your set of trusted family and friends has several crypto experts already. But you can see why the choice of whether to pursue Multisig is an individualized one.
- What is Multisig?
- Imagining Multisig as multiple keys to a vault
- Multisig for business
- MultiSig for individuals
- How does MultiSig work in real life?
- Pitfalls of Multisig
- Pitfalls of Multisig: Privacy
- Pitfalls of Multisig: Backups
- Pitfalls of Multisig: Private key management
- Pitfalls of Multisig: Incompatible setup/protocols for each cryptocurrency
- How to make Multisig usable?
- How to backup Multisig?
- Recovery from Vault12
- Is Multisig right for you?