What Is a Multisig Wallet and How Do I Create One?

Every cryptocurrency wallet has a private key, which is used to sign transactions and gives a user complete control over that digital wallet. That means that no matter what the value of cryptocurrency in the wallet is, whether thousands or billions, these funds are under the control of one private key. Additionally, if the private key to the wallet is lost or otherwise compromised in any way, you risk completely losing those funds. (Click here to learn how to keep your private keys safe). 

The multisig wallet then helps to increase the security of your crypto assets because instead of relying on one private key to control all the funds of a particular wallet, it would take multiple private keys to sign off on any transaction. Let’s have a deeper look into the security behind multisig wallets.

Multisignature wallets use an M of N approach to signing transactions, which means M keys out of a possibility of N keys must sign off on a transaction before it is executed. For example, 2 out of 3 private keys corresponding to a wallet address must confirm the transaction for it to be valid.

As an example, let’s assume your crypto wallet has a balance of $35,000 in BTC. With a multisig wallet, the address that houses this BTC will have two or more keys, rather than the traditional one key. So, in this example, let’s say there are three private keys, and you state that at least two of those three keys need to verify the transaction before the BTC can be moved. 

Here’s how that could look:

• One Easily Accessible Key: You have one key in your hot wallet or hardware wallet. This is the one you can access more readily on your phone or at home or at the office.

• One Backup Key: You have another key that serves as a backup in case you lose your easily accessible key. You’ll want to keep this key in a separate and safe location. It could be in a safety deposit box, for example.

• One Key Held By a Service Provider: This is another key that you’ll give to a multisig provider such as Unchained Capital or Casa. Typically, you’d want this service provider to have a minority of the keys required to approve a transaction so they never have control of your assets. 

Of course this is a more simplified example of a multisig scheme, and you can increase the number of M out of N signature keys. For example, rather than have a 2 out of 3 structure, you can have 3 of 5, or 5 of 7, or even a 15 out of 15, and so on. 

The great thing about using a multisig wallet is that you get the added peace of mind that your crypto assets cannot be controlled by a single source and you also get similar fraud prevention mechanisms you might find in the credit card industry. 

There are a number of ways you can create a multisig wallet including setting it up and managing it yourself, or using a multisig service provider.

Electrum and Specter multisig wallets offer great security for your crypto assets, but when setting up and managing them yourself, you also take on the task of increased complexity. This can pose a security risk in that if you lose the keys required for transaction signing, you also lose access to your funds. 

These organizations can help onboard you and they also include security features such as a mandatory video call to approve transactions with a key they hold. This can be helpful in cases where you lose a private key for example or you simply want the certainty that your solution is functional and secure. Casa and Unchained Capital are two of the biggest players in this space.

Electrum also has a mobile multisig option, as does BitPay, BitGo, BTC.com and others. And although mobile wallets offer convenience, we would recommend at the very least pairing them with a hardware wallet for a greater level of security.

Multisignature wallets are a good option for security, especially if you want team ownership/control of your organization’s wallets. 

And if you want to explore this topic and more ways to secure your crypto assets, reach out to our blockchain security experts at halborn@protonmail.com.