Are Multi-sig Wallets Truly Safe?
The First Multi-sig Wallets
Popular cryptocurrency exchange and wallet provider Coincheck got hacked in January 2018, stealing about 500 million NEM ($532 million) and transferring into 19 wallets, 18 of which were controlled by the hackers. This event turned out to be the biggest cryptocurrency heist of all time.
Many other crypto hacks such as the MT Gox, BitFinex, BitGrail, Zaif were recorded similarly across many exchanges afterward. Investors thought that was the end of Bitcoin and anything crypto-related.
These safety lapses triggered crypto enthusiasts and programmers to have to look for a solution.
Bitcoin’s security and coin safety started in 2011 at a Bitcoin Conference in Prague.
The world’s first hardware wallet was Trezor, launched in 2011 as cold storage for locking away Bitcoins in a single-purpose computer device with private keys and in the custody of the owner.
With this idea, SatoshiLabs, the creators of Trezor came up with a palm device that had open-source and auditable software. With the success of its open-source software, Trezor’s software is now being used by more than 10 other hardware wallet providers.
The Trezor story was indeed a success for the Czech crypto programmers, Pavol “Stick” Rusnák and Marek “Slush” Palatinus.
But there was a void… single-signature wallets were still prone to hacks.
The first Multisig wallet was launched in August 2013 by BitGo, a Bitcoin security company and a pioneer of the multi-sign technologies wallet.
BitG0’s CEO and Cofounder Will O’ Brien’s outlook on the safety and sanity of the system paved way for improving security.
The multi-sig concept was to introduce parameters that required more than one user to authorize a Bitcoin transaction. This feature gave better control and accountability especially when institutional owners of digital assets were involved.
Are Multisig Wallets Truly Safe?
To provide an answer, we first need to examine how these wallets work and what they are.
Multisig wallets are digital wallets that require at least two private keys to sign (authorize) a transaction before it is sent to another user.
Multisig wallets use a Pay to Script Hash (P2SH) advance mode of Bitcoin and Altcoin transactions, which allows a sender to commit funds to a hash of an arbitrary valid script.
An M-of-N key to authorize a transaction. This authorization pattern is also referred to as the 2 0f 3 keys principle.
The image below illustrates how to set the signatures required on a multi-signature wallet on an Electrum installation wizard.
A multi-sig wallet user can set the number of signatures or keys required to authorize a transaction.
Trezor now supports Multi-signature technology on their hardware devices.
With additional authorizations required, will hacking be kept at bay?
Multi-sig wallets appeal to users concerned about governance with an institutional mindset. Corporates holding digital assets embrace this technology for better controls, accountability, and auditing.
The idea of the multi-sig wallet was to improve safety and security above functionality and design.
So, are Multisig wallets safe?… YES! they are.
While looking at the safety of the new multi-signature technology, let’s examine how it works.
How Does a Multi-sig Wallet Work?
While setting up a multisign wallet, you’ll be required to add more than one signature to authenticate any transaction. In this case, a co-signer is required to authorize all transactions that you initiate.
So, it makes sense to get a partner you trust and will also be available to co-sign whenever you need to transfer coins out of your wallet.
Multisig wallets provide an additional layer of security with this co-signing mechanism. If your partner is not available, funds cannot leave the wallet. This unique feature is not available on regular wallets.
The co-signing mechanism however could be inconveniencing sometimes but the safety of your coins is of utmost importance.
It’s worthy of note that a co-signing feature is just an option as one signature can as well move coins out of the wallet if it was configured to do so.
Advantages of a Multisig Wallet
The Multisig wallet has many sides to it that strengthens its purpose, but let’s examine this wallet closely.
📌 2 Factor Authentication
Users of multi-sig wallets have a 2FA code login process they have to go through before accessing their accounts. This prevents unauthorized access to the wallets in the first place.
📌 Added Layer of Security
With the cosigning feature on the multi-sig wallet compared to the regular hardware wallets, the multi-sig wallets were built utmostly for security and as such can hardly be hacked.
📌 Better Audit and Control
This is standard practice for small businesses and corporates with a desire for professional funds management.
The multi-sig wallet is ideal for checks and balances while limiting internal fraud. Transactions cannot be completed without the authorization of other cosigners.
📌 Escrow Transactions
Transactions requiring a high level of commitment and very huge sums possibly use escrows. Also, where trust has not fully been established, an escrow account on a multi-sig wallet is possible.
This is how it works…
For example, a buyer deposits money into the wallet and a seller sends a product, upon receiving the product, the buyer and the seller must provide signatures for the funds to leave the escrow which the wallet serves the purpose. After signatures, the funds move over to the seller.
The multi-sig wallet serves as an escrow.
Disadvantages of a Multisig Wallet
📌 Signature Protocols
There’s no doubt that over time, the co-signing feature could pose a challenge and inconvenience especially if your cosignatory is out of town or is indisposed one way or the other.
📌 Delay and Inconvenience
Further to the signature protocols required to complete a transaction, there could be deals that are timebound needing you to act. Not having a responsive partner could pose challenges.
📌 Unscalable and Deficient
Businesses that keep crypto or accept it as a means of payment may have to decide speed in transactions over security. The multi-sig wallets could become clogs in the wheel. Many firms have overcome this by adopting on-chain multsig to help reduce this lag.
You may be considering a wallet and security should be priority. Of course, that’s what wallets are for.
Let’s see these top multi-signature wallets
Top Multi-sig Wallets
Electrum is the most popular Bitcoin-only desktop wallet. Again, It is user-friendly to a few people…not just for everyone. If you are new to Bitcoin trading, it’s best to avoid it and try other wallets.
To learn how to set up Electrum multi-signature wallets, you should view this post.
Electrum is a software wallet. It is compatible with the following platforms: Android, Linux, Mac OS, Windows, and Python.
Electrum is a product from Thomas Voegtlin, one of the early adopters of Bitcoin.
The wallet is free and open source.
Armory is another known multi-signature wallet.
Armory is a software wallet. It’s compatible with the following platforms: Linux, Mac OS, and Windows.
Armory is a product from Armory Technologies Inc.
The wallet is free and open source.
Copay is an amazing multi-signature wallet.
Copay is a software wallet. It compatible with the following platforms: Android, iOS, Linux, Mac OS, and Windows.
Copay is a product from BitPay, a US company.
The wallet is free and open source.
However, it is one of the most secure wallets (even secure than all the three wallets mentioned above), and all the three multi-sig wallets above support it.
When trying to get a multi-sig wallet, consider using one of the three along with Trezor Model T.
The wallet is paid and open source.
Ledger products are also not multi-signature wallets. However, it is one of the most secure wallets (and all the three multi-sig wallets above support it.
When trying to get a multi-sig wallet, consider using one of the three along with Ledger Nano X.
But, let’s compare the Multisig vs, Ledger Vault and see what we may be missing out on…
The wallet is paid and proprietary.
Security ranks over style or design. Multisig wallets are an added layer of security to keep your wallets safe with peace of mind.
With this review, My opinion is that multisign wallets are truly safe to use over traditional wallets.