Multisignature – Bitcoin Wiki

Multisignature

Multisignature (multisig) refers to requiring more than one key to authorize a Bitcoin transaction. It is generally used to divide up responsibility for possession of bitcoins.

Standard transactions on the Bitcoin network could be called “single-signature transactions,” because transfers require only one signature — from the proprietor of the private key associated with the Bitcoin address. However, the Bitcoin network supports much more complicated transactions that require the signatures of numerous people before the funds can be transferred. These are often referred to as M-of-N transactions. The idea is that Bitcoins become “encumbered” by providing addresses of numerous parties, thus requiring cooperation of those parties in order to do anything with them. These parties can be people, institutions or programmed scripts.

Consider the following script: Suppose I am working with a company that wants to accept Bitcoin for international trades.

The company, for security reasons, would not want a single one of its employees to have access to the company BTC wallet’s password. Any transaction would have to meet the approval of more than one employee.

Is this possible already? If not, how could it be implemented with public-key cryptography? [1]

Contents

Implementations

Shamir’s Secret Sharing Scheme (ssss) [Two] is a general software implementation of multisig.

Specific to Bitcoin, GreenAddress.it, for example, has 2-of-2 and 2-of-3 accounts (requiring at least two keys to authorize a transaction). Electrum permits a multisig wallet made of any combination of m-of-n. Coinbase also offers 2-of-3 and 3-of-5 multisig, which they call Vault. Blocktrail offers 2-of-3 multisig.

This javascript page can create and spend from multisig addresses: https://coinb.in/

Multisignature Applications

  • 2-of-3: Buyer-seller escrow where escrow agent cannot steal money: buyer commits money into a 2-of-3 transaction with the seller and a third-party arbitrator. If transaction goes slickly, then both buyer and seller sign the transaction to forward the money to the seller. If something goes wrong, they can sign a transaction to refund the buyer. If they cannot agree, they both appeal to the third-party who will arbitrate and provide a 2nd signature to the party that it deems is worth it.
  • 3-of-5: Low-trust donation address: five trusted people from a project each hold a private key. Three people are required to actually spend the money but anybody can donate to the project’s address. Reduces the risk of embezzlement, hacking/malware or loss due to a single person losing interest in the project. Which private key was used in the final signature is visible on the blockchain which aids accountability.
  • 2-of-2: Multisignature wallet: One private key is on your primary computer, the other on your smartphone — the funds cannot be spent without a signature from both devices. Thus, an attacker must build up access to both devices in order to steal your funds (much more difficult than one device)
  • 1-of-2: Hubby and wifey petty cash joint account — the signature of either spouse is sufficient to spend the funds.
  • 2-of-2: Spouse and wifey savings account — both signatures are required to spend the funds, preventing one spouse from spending the money without the approval of the other
  • 2-of-3: Parents’ savings account for child — the kid can spend the money with the approval of either parent, and money cannot be taken away from the child unless both parents agree
  • 2-of-3: A board of three directors maintaining funds for their organization — those funds cannot be spent unless any two of those directors agrees. Thicker multi-signature transactions are possible for fatter organizations, such as 3-of-5, 5-of-9, etc.
  • 2-of-3: Business security. A bitcoin business such as an exchange holds one private key online and one private key as paper backup. A separate bitcoin security rock hard holds the third key online and will only sign transactions after checking certain conditions (blacklists, whitelists, not more than X withdrawn per time period, conform with regulatory environment, etc). If the bitcoin business or the security rigid’s hot wallets individually get hacked, the bitcoins cannot be stolen. If the bitcoin security rock hard vanishes the business can use the paper backup to access coins.
  • 2-of-2: Brainy contracts building block such as tumblebit, coinswap and Lightning Network.

History of Multisignature

Multisignature has been used for thousands of years to protect the security of crypts holding the most precious relics of saints. The superior of a monastery would give monks only partial keys for gaining access to the precious relics. Thus, no single monk could build up access to and possibly steal the relics. [Three]

Multisignature Wallets

A number of companies have developed multisig wallets: [Four]

Creating a Multisignature Address with Bitcoin-Qt

A 2of3 multisig address can be created by following these steps: [Five]

Multisignature – Bitcoin Wiki

Multisignature

Multisignature (multisig) refers to requiring more than one key to authorize a Bitcoin transaction. It is generally used to divide up responsibility for possession of bitcoins.

Standard transactions on the Bitcoin network could be called “single-signature transactions,” because transfers require only one signature — from the possessor of the private key associated with the Bitcoin address. However, the Bitcoin network supports much more complicated transactions that require the signatures of numerous people before the funds can be transferred. These are often referred to as M-of-N transactions. The idea is that Bitcoins become “encumbered” by providing addresses of numerous parties, thus requiring cooperation of those parties in order to do anything with them. These parties can be people, institutions or programmed scripts.

Consider the following script: Suppose I am working with a company that wants to accept Bitcoin for international trades.

The company, for security reasons, would not want a single one of its employees to have access to the company BTC wallet’s password. Any transaction would have to meet the approval of more than one employee.

Is this possible already? If not, how could it be implemented with public-key cryptography? [1]

Contents

Implementations

Shamir’s Secret Sharing Scheme (ssss) [Two] is a general software implementation of multisig.

Specific to Bitcoin, GreenAddress.it, for example, has 2-of-2 and 2-of-3 accounts (requiring at least two keys to authorize a transaction). Electrum permits a multisig wallet made of any combination of m-of-n. Coinbase also offers 2-of-3 and 3-of-5 multisig, which they call Vault. Blocktrail offers 2-of-3 multisig.

This javascript page can create and spend from multisig addresses: https://coinb.in/

Multisignature Applications

  • 2-of-3: Buyer-seller escrow where escrow agent cannot steal money: buyer commits money into a 2-of-3 transaction with the seller and a third-party arbitrator. If transaction goes sleekly, then both buyer and seller sign the transaction to forward the money to the seller. If something goes wrong, they can sign a transaction to refund the buyer. If they cannot agree, they both appeal to the third-party who will arbitrate and provide a 2nd signature to the party that it deems is worth it.
  • 3-of-5: Low-trust donation address: five trusted people from a project each hold a private key. Three people are required to actually spend the money but anybody can donate to the project’s address. Reduces the risk of embezzlement, hacking/malware or loss due to a single person losing interest in the project. Which private key was used in the final signature is visible on the blockchain which aids accountability.
  • 2-of-2: Multisignature wallet: One private key is on your primary computer, the other on your smartphone — the funds cannot be spent without a signature from both devices. Thus, an attacker must build up access to both devices in order to steal your funds (much more difficult than one device)
  • 1-of-2: Hubby and wifey petty cash joint account — the signature of either spouse is sufficient to spend the funds.
  • 2-of-2: Spouse and wifey savings account — both signatures are required to spend the funds, preventing one spouse from spending the money without the approval of the other
  • 2-of-3: Parents’ savings account for child — the kid can spend the money with the approval of either parent, and money cannot be taken away from the child unless both parents agree
  • 2-of-3: A board of three directors maintaining funds for their organization — those funds cannot be spent unless any two of those directors agrees. Thicker multi-signature transactions are possible for thicker organizations, such as 3-of-5, 5-of-9, etc.
  • 2-of-3: Business security. A bitcoin business such as an exchange holds one private key online and one private key as paper backup. A separate bitcoin security rock hard holds the third key online and will only sign transactions after checking certain conditions (blacklists, whitelists, not more than X withdrawn per time period, serve with regulatory environment, etc). If the bitcoin business or the security stiff’s hot wallets individually get hacked, the bitcoins cannot be stolen. If the bitcoin security stiff vanishes the business can use the paper backup to access coins.
  • 2-of-2: Wise contracts building block such as tumblebit, coinswap and Lightning Network.

History of Multisignature

Multisignature has been used for thousands of years to protect the security of crypts holding the most precious relics of saints. The superior of a monastery would give monks only partial keys for gaining access to the precious relics. Thus, no single monk could build up access to and possibly steal the relics. [Three]

Multisignature Wallets

A number of companies have developed multisig wallets: [Four]

Creating a Multisignature Address with Bitcoin-Qt

A 2of3 multisig address can be created by following these steps: [Five]

Related video:

Leave a Reply