In the world of cryptocurrencies , multisignature addresses ( multisig addresses ) or multisignature accounts are accounts whose control is shared between several entities, whose operation is similar to that of a multiple key safe. In the case of Bitcoin , they are made possible through the programmable nature of the protocol by allowing extensive use of the transaction signing algorithm. The multi-signature scheme can be leveraged to form a joint account shared by members of a couple or by business associates .
What is a digital signature?
Multisignature (also multi-signature or multisig) is a digital signature scheme which allows a group of users to sign a single document. Usually, a multisignature algorithm produces a joint signature that is more compact than a collection of distinct signatures from all users.
Multisignature adds additional security for cryptocurrency transactions. Multisig crypto wallets require all parties involved in the creation of this type of wallet to agree before any transaction can occur.
To understand how multi-signature accounts work, we must first look at the use of digital signatures In Bitcoin. To guarantee the ownership of bitcoins, the protocol uses an asymmetric cryptography algorithm to authenticate the author of a digital message using a signature. This signature algorithm is called ECDSA for Elliptic Curve Digital Signature Algorithm or “digital signature algorithm.
For any use of this algorithm, it is necessary to generate a pair of digital keys : a private key and a public key. The private key is a random number kept secret by the user. The public key is calculated from this private key so that we cannot do the calculation in the opposite direction. The role of the private key is to produce digital signatures that can be verified using the public key. This private key is never revealed and cannot be deduced from the produced signatures.
In Bitcoin, a third data is added: it is the public address allowing to receive funds. In the simple case, the address is simply calculated from the public key through hash functions, and usually takes the form of a string of numeric characters starting with a 1, like:
It is then the private key which makes it possible to sign transactions from this address. Thus, only the one who has this private key is able to move the bitcoins present at this address.
Suppose Jenny has funds at an address and wants to send 1 bitcoin to Bob. To do this, she constructs a transaction stipulating the transfer of value between her address and that of Bob (“Me Jenny gives 1 bitcoin to Bob.”) and signs it using her private key. She also includes her public key in the transaction. The Bitcoin network miners , who are in charge of validating the blockchain, will thus be able to verify that its signature corresponds to its private key.
For more details on keys and addresses, you can take a look at the article “ Private keys, public keys and addresses in Bitcoin ” which explains these concepts in a more advanced way.
How do multi-signature accounts work?
Beyond simple addresses corresponding to a single private key, there are so-called “ multi- signature ” addresses whose control is shared between several entity keys. Each multi-signature address follows an “ m-of-n ” scheme for 1 ≤ m ≤ n ≤ 15 which requires m signatures from the n co-owners to complete a transaction from the address.
Note, however, that only schemes for 1 ≤ m ≤ n ≤ 3 are considered standard , i.e. most network nodes will not relay transactions originating from a multisignature address with 4 or more participants, although these transactions are completely valid.
The ability to verify multiple signatures at once to make a payment stems from the programmable nature of Bitcoin. This is why multi-signature addresses are usually P2SH ( Pay-to-Script-Hash ) addresses starting with a 3: the multi-signature scheme is an advanced script to which the payment is directed.
For more details on the scripts used in multi-signature, you can see our article on smart contract use cases .
To illustrate this, let’s take the case of three people who create a multi-signature address: Jenny, Bob and samir. They want to use a scheme with 3 participants and 2 required signatures ( 2-of-3 ). To do this, they pool their public keys and create their multisignature address:
They can thus receive funds from anyone. Let’s say a fourth person, John, sends them 1 bitcoin .
Since only 2 signatures are required, Bob and Carole can complete a transaction without jenny intervening . They therefore decide to send the previously received bitcoin to another person, Eric. To do this, they just need to build a transaction and each sign it in turn using their private key. The multi-signature scheme used is also transmitted within the transaction. When the network miners validate the transaction, they will be able to verify that the two signatures correspond to 2 of the 3 public keys corresponding to the multisignature address.
We have spoken here of multisignature addresses, but you should know that it is also possible to manage multisignature accounts with multiple addresses. These are generated in a manner analogous to modern wallet accounts: the co-owners each have a seed (one private key generating all the others) which provides them with access to the account; by each sharing a public key corresponding to this seed, they can thus generate as many multisignature addresses as they want. This greatly improves the confidentiality of transactions by using a new address for each payment made.
If you are looking for a wallet that allows the creation of a multi-signature account, we advise you to use Electrum .
The use of multisignature accounts
Multisignature accounts can be used for a variety of reasons. A couple can open a joint account that will pool their funds while allowing each member of the couple to spend the funds individually ( 1-of-2 scheme ). Partners can also open an account for their company : for example, 3 partners can open an address requiring 3 signatures which they will share with their accountant or their lawyer ( 3-of-4 diagram ).
Multisignature addresses are also used in the construction of two -way payment channels , which form the building blocks of the Lightning Network . These are 2-of-2 addresses made to allow two people to exchange value without posting their transactions on the blockchain.
Multi-signature was present in the protocol from the launch of Bitcoin in 2009. However, it was not standardized until the end of 2011 by BIP-11 , and only began to develop. from 2012, in particular thanks to the introduction of P2SH addresses .
Today, multi-signature addresses represent a significant portion of Bitcoin’s economic activity. In fact, P2SH addresses (and their P2WSH counterparts) are dedicated in a large majority of cases to multi-signature accounts.
If we look at the graphs on Grafana (07/01/2019), we can see that, on the transactional outputs identified, multi-signature constitutes 65% of the transactional outputs identified, the other major use case being addresses SegWit P2WPKH. Of all the patterns out there, the 2-of-3 pattern is the most popular, followed far behind by the 3-of-4 and 2-of-2 patterns .
If we dwell on the richness conserved in multisignature addresses , the 3-of-5 scheme is the most popular, followed by the 3-of-4 , 2-of-3 and 3-of schemes. -6 . We therefore have complex schemes that end up holding several million bitcoins, and for good reason: these schemes are a solution of choice for the cold storage of exchange platforms such as Coinbase or Kraken . This is evidenced in particular by the presence of many P2SH addresses in the top 100 of the richest bitcoin addresses . The richest address is by the way a 3-of-6 multisignature addressfrom Bitfinex and contains over 138,000 BTC .
The future of multi-signature
In the future, multisignature accounts may evolve through the implementation of Schnorr signatures in the Bitcoin protocol. This development is currently under discussion within the community, and is notably supported by Pieter Wuille , a developer of Bitcoin Core. Bitcoin Cash also plans to implement them in May 2019.
As we have seen, in the current scheme, each of the signatories must add their signature to the transaction and it is the miners who are in charge of verifying that they do indeed coincide with the public keys of the multisignature account. With Schnorr’s signatures, it would be possible to do this work upstream and compress all the signatures into one. This improvement would make it possible to lighten the burden of the nodes of the network both at the level of the verification and of the place occupied by the signatures in the block extensions. It would also increase user privacy since multi-signature will look like an ordinary transaction from a single address.