Are Multi-sig Wallets Truly Safe?

2/22/2023, 3:28:23 AM - Eddu Oz
Are Multi-sig Wallets Truly Safe?

The First Multi-sig Wallets

Popular cryptocurrency exchange and wallet provider Coincheck got hacked in January 2018, stealing about 500 million NEM ($532 million) and transferring into 19 wallets, 18 of which were controlled by the hackers. This event turned out to be the biggest cryptocurrency heist of all time.

Many other crypto hacks such as the MT Gox, BitFinex, BitGrail, Zaif were recorded similarly across many exchanges afterward. Investors thought that was the end of Bitcoin and anything crypto-related.

These safety lapses triggered crypto enthusiasts and programmers to have to look for a solution.

Bitcoin’s security and coin safety started in 2011 at a Bitcoin Conference in Prague.

The world’s first hardware wallet was Trezor, launched in 2011 as cold storage for locking away Bitcoins in a single-purpose computer device with private keys and in the custody of the owner.

With this idea, SatoshiLabs, the creators of Trezor came up with a palm device that had open-source and auditable software. With the success of its open-source software, Trezor’s software is now being used by more than 10 other hardware wallet providers.

The Trezor story was indeed a success for the Czech crypto programmers, Pavol “Stick” Rusnák and Marek “Slush” Palatinus.

But there was a void… single-signature wallets were still prone to hacks.

The first Multisig wallet was launched in August 2013 by BitGo, a Bitcoin security company and a pioneer of the multi-sign technologies wallet.

BitG0’s CEO and Cofounder Will O’ Brien’s outlook on the safety and sanity of the system paved way for improving security.

The multi-sig concept was to introduce parameters that required more than one user to authorize a Bitcoin transaction. This feature gave better control and accountability especially when institutional owners of digital assets were involved.

Are Multisig Wallets Truly Safe?

To provide an answer, we first need to examine how these wallets work and what they are.

Multisig wallets are digital wallets that require at least two private keys to sign (authorize) a transaction before it is sent to another user.

Multisig wallets use a Pay to Script Hash (P2SH) advance mode of Bitcoin and Altcoin transactions, which allows a sender to commit funds to a hash of an arbitrary valid script.

An M-of-N key to authorize a transaction. This authorization pattern is also referred to as the 2 0f 3 keys principle.

The image below illustrates how to set the signatures required on a multi-signature wallet on an Electrum installation wizard.

multisig wallets
Setting up cosigners

A multi-sig wallet user can set the number of signatures or keys required to authorize a transaction.

Trezor now supports Multi-signature technology on their hardware devices.

Trezor supports P2SH transactions for the following forms of redeeming scripts: P2WPKH-in-P2SH and P2SH-multisig. Other P2SH scripts are not supported.

With additional authorizations required, will hacking be kept at bay?

Multi-sig wallets appeal to users concerned about governance with an institutional mindset. Corporates holding digital assets embrace this technology for better controls, accountability, and auditing.

The idea of the multi-sig wallet was to improve safety and security above functionality and design.

So, are Multisig wallets safe?… YES! they are.

While looking at the safety of the new multi-signature technology, let’s examine how it works.

How Does a Multi-sig Wallet Work?

While setting up a multisign wallet, you’ll be required to add more than one signature to authenticate any transaction. In this case, a co-signer is required to authorize all transactions that you initiate.

So, it makes sense to get a partner you trust and will also be available to co-sign whenever you need to transfer coins out of your wallet.

How does multisig wallet work

Multisig wallets provide an additional layer of security with this co-signing mechanism. If your partner is not available, funds cannot leave the wallet. This unique feature is not available on regular wallets.

The co-signing mechanism however could be inconveniencing sometimes but the safety of your coins is of utmost importance.

It’s worthy of note that a co-signing feature is just an option as one signature can as well move coins out of the wallet if it was configured to do so.

SEE ALSO: 5 Top Reasons Multisig Wallets Outperform Traditional Digital Wallets

Advantages of a Multisig Wallet

The Multisig wallet has many sides to it that strengthens its purpose, but let’s examine this wallet closely.

2 Factor Authentication

2 Factor Authentication - multisig wallets

Users of multi-sig wallets have a 2FA code login process they have to go through before accessing their accounts. This prevents unauthorized access to the wallets in the first place.

2 Factor Authentication - multisignature wallet

Added Layer of Security

With the cosigning feature on the multi-sig wallet compared to the regular hardware wallets, the multi-sig wallets were built utmostly for security and as such can hardly be hacked.

Better Audit and Control

This is standard practice for small businesses and corporates with a desire for professional funds management.

The multi-sig wallet is ideal for checks and balances while limiting internal fraud. Transactions cannot be completed without the authorization of other cosigners.

Escrow Transactions

Transactions requiring a high level of commitment and very huge sums possibly use escrows. Also, where trust has not fully been established, an escrow account on a multi-sig wallet is possible.

This is how it works…

For example, a buyer deposits money into the wallet and a seller sends a product, upon receiving the product, the buyer and the seller must provide signatures for the funds to leave the escrow which the wallet serves the purpose. After signatures, the funds move over to the seller.

The multi-sig wallet serves as an escrow.

SEE ALSO: 5 Best Ethereum Wallets for Safe trading and Storage

Disadvantages of a Multisig Wallet

Signature Protocols

There’s no doubt that over time, the co-signing feature could pose a challenge and inconvenience especially if your cosignatory is out of town or is indisposed one way or the other.

Delay and Inconvenience

Further to the signature protocols required to complete a transaction, there could be deals that are timebound needing you to act. Not having a responsive partner could pose challenges.

 Unscalable and Deficient

Businesses that keep crypto or accept it as a means of payment may have to decide speed in transactions over security. The multi-sig wallets could become clogs in the wheel. Many firms have overcome this by adopting on-chain multsig to help reduce this lag.

You may be considering a wallet and security should be priority. Of course, that’s what wallets are for.

Let’s see these top multi-signature wallets

Top Multi-sig Wallets

1. Electrum

Electrum - multisig wallets

Electrum is the most popular Bitcoin-only desktop wallet. Again, It is user-friendly to a few people…not just for everyone. If you are new to Bitcoin trading, it’s best to avoid it and try other wallets.

If you already have a hardware wallet such as Ledger and Trezor, then Electrum wallet will be a perfect match for multi-signature features.

To learn how to set up Electrum multi-signature wallets, you should view this post.

Electrum is a software wallet. It is compatible with the following platforms: Android, Linux, Mac OS, Windows, and Python.

Electrum is a product from Thomas Voegtlin, one of the early adopters of Bitcoin.

The wallet is free and open source.

2. Armory

Armory wallet - armory multisig wallet

Armory is another known multi-signature wallet.

Armory is a software wallet. It’s compatible with the following platforms: Linux, Mac OS, and Windows.

Armory is a product from Armory Technologies Inc.

The wallet is free and open source.

3. Copay

Copay - Are Multi-sig Wallets Truly Safe?

Copay is an amazing multi-signature wallet.

Copay is a software wallet. It compatible with the following platforms: Android, iOS, Linux, Mac OS, and Windows.

BitPay Announces Copay, a Multi-Signature Bitcoin Wallet – YouTube

Copay is a product from BitPay, a US company.

The wallet is free and open source.

4. Trezor

Trezor wallets - Are Multi-sig Wallets Truly Safe?

Trezor does not directly support multi-signature wallets, but it is possible to use Multisignature transactions with Trezor device and Electrum however it is not implemented in Trezor Wallet yet.

However, it is one of the most secure wallets (even secure than all the three wallets mentioned above), and all the three multi-sig wallets above support it.

When trying to get a multi-sig wallet, consider using one of the three along with Trezor Model T.

The wallet is paid and open source.

SEE ALSO; 3 Key Things to Look out for When Buying a Hardware Wallet

5: Ledger

Ledger wallets

Ledger products are also not multi-signature wallets. However, it is one of the most secure wallets (and all the three multi-sig wallets above support it.

When trying to get a multi-sig wallet, consider using one of the three along with Ledger Nano X.

But, let’s compare the Multisig vs, Ledger Vault and see what we may be missing out on…

Multisig vs ledger vault

The wallet is paid and proprietary.

Final Thoughts

Security ranks over style or design. Multisig wallets are an added layer of security to keep your wallets safe with peace of mind.

With this review, My opinion is that multisign wallets are truly safe to use over traditional wallets.

Read More