This Wallet May Up Your Security By 10x. Why NOT Use It?


The wallet space is almost as vast as the crypto space itself, with hundreds of different companies, implementations, categories, etc. It's a full-time job trying to understand hot vs. cold, software vs. hardware, smart contract vs. simple, sharded keys vs. sole ownership, etc.! So, in this article, we will focus solely on a specific type of wallet construction: multi-signature. But before we dig in, if you want to learn more about multisigs or other wallet types, check out the full article

Multi-signature Wallets

Multi-signature (AKA multi-sig) is a type of security model and digital signature scheme that requires users to provide multiple keys to authorize access to or transact with secure digital assets. Such a transaction must be signed by a threshold of participants in order to be valid, similar to how some legal or financial documents require a co-signer or multiple authorizations across different mediums. The wallet owner can decide how many signatures are required for a transaction to be valid.

Multi-signature schemes have numerous benefits, including dividing up responsibility for possession of a digital asset among multiple people, heightened security by eliminating a single point of failure, and a solution for wallet recovery if someone loses their private key. The primary benefit is that security is shared among numerous individuals. Even if your computer and hardware wallet are stolen, you are still safe, because with a properly configured setup other signers are needed to move funds. Your crypto will remain secure even if your seed phrase is compromised, akin to a safe deposit box that requires multiple keys. By the same token, it is imperative that every person with multi-sig duties understands the significance of private keys and seed phrases and can be relied upon with this responsibility.

One of the most basic forms of multisig storage is the 1-of-2 setup. This involves binding two private keys to a single wallet, allowing anyone holding either key to approve transactions. This is ideal for a small business where either of the two founders can transfer funds and trust is established through contractual and personal relations. It can also be a useful personal backup solution, as users can recover funds even if they lose one private key.

Another commonly used multisig setup is the 2-of-3 signatures wallet. This requires two out of three registered signers to complete a transaction. It is useful for escrow transactions and is also implemented by cryptocurrency custodians as an additional security measure. In this setup, the company may hold two of the keys, with one securely stored offline and the other held online to make the signing process easier. The third key is delegated to a trusted blockchain security company, which may be required if the crypto custodian loses one of its keys.

For a more robust multisig setup, the 3-of-5 signatures wallet requires three out of five signatures to validate transactions. This is useful for a corporate structure where several decision-makers must approve transfers. As long as over 50% of the parties consent to the decision, they can approve fund transfers. Delegating signatures to entities in diverse geographical locations could improve security.

Multi-signature wallets can also be classified as hosted or unhosted. A hosted multisig wallet is one created with a third-party platform such as Coinbase Custody or BitGo. These entities secure cryptocurrencies using institutional-grade solutions while giving clients access to multi-signature functionality. Clients register approved signatories and define signature thresholds for fund transfers. An unhosted multisig wallet (also known as a self-hosted wallet or simply a wallet) is one where the individual or organization holds the private keys instead of relying on a trusted third party. The setup process for unhosted wallets is usually more complex, as users need security-optimized infrastructure and best practices. However, the user enjoys greater convenience and eliminates the counterparty risk associated with third parties.

While multisig wallets offer superior security features, they also come with certain trade-offs. For instance, they may not be the ideal choice for scenarios that require quick transactions due to the need for multiple signatories. The number of signatories and geographical boundaries can also limit their usage, making them less convenient for emergency situations or routine payments. Moreover, using multisig wallets requires a certain level of technical knowledge, which may be beyond the reach of average investors.

The setup process for multisig wallets may involve consulting a third-party wallet provider, installing specific software, or purchasing dedicated equipment like multiple hardware wallets and safe boxes. This process may be too complex for the average crypto investor and is one of the key factors hindering the adoption of multi-signature wallets.

Another challenge associated with multisig wallets is fund recovery and custodianship. Compared to single-key storage, recovering funds stored in a multisig wallet takes longer and requires more coordination. Additionally, N-of-N setups may not provide backup or recovery solutions for rare situations where one of the signatories is unavailable.

Entities that choose to use a multisig wallet hosted by a third-party custodian may expose themselves to counterparty risk. If a security breach occurs at the third-party custodian, the consequences could be far-reaching.

Despite these challenges, multisig wallets are an attractive option for users who prioritize security over convenience. The level of security provided by multisig wallets makes them a popular choice for institutional investors and businesses that require a more sophisticated level of asset protection. For individuals looking to use multisig wallets, it is important to carefully consider the trade-offs and consult with a trusted third-party provider to ensure that the setup process is done correctly.

Multi-party Computation (MPC)

Multi-party computation is a solution for securing data among several participants in a private manner. It allows many parties, each with their own private data, to verify the final computation without revealing their own secret portion of the data. Each participant in an MPC possesses a piece of confidential information. Typically, one entity owns one part of a cryptographic key that can move funds or change code.

MPCs shard a private key into many segments, with each individual possessing a portion of the private key. When signing a transaction, a subset of MPC nodes must independently sign the transaction and communicate it to the larger group. In order to sign transactions, each participant inputs their secret portion and a public input (the message to be signed) to generate a digital signature. Then, anyone with access to the public key should be able to validate and verify the signatures. Since the key shares are pooled and the signature is generated off-chain, an MPC wallet transaction cannot be distinguished from a typical private key wallet.

Even if a bridging protocol has a limited quantity of relayer nodes, the relayers can be chosen at random from the pool of candidates to create the multi-party computing (MPC) group. To authorize a cross-chain transaction, the protocol can require a minimum number of relayers to come together and sign the message before any action can be taken. The greater the threshold of an MPC group, the less likely it is that relayer groups will collude.

MPC also guarantees that if a number of parties inside the group decide to disclose information or depart from the protocol's instructions during execution, the MPC will not allow them to coerce the honest parties into outputting an inaccurate result or leaking confidential information. 

MPC Strengths

  • No single point of failure
  • Flexible, configurable signing schemes
  • Fine-grained controls around access and signing
  • Easier recovery

MPC Drawbacks

  • Off-chain coordination and accountability: off-chain management of signing policies and approval quorums makes MPC setups susceptible to centralized failures that do not apply to regular cold storage.
  • Incompatible with the majority of conventional wallets, such as Ledger and Trezor, because no seed phrase or complete private key ever exists on a single device.
  • MPC algorithms are not standardized; therefore, institution-grade secure devices like the iPhone SEP and HSMs do not natively support bespoke implementations. MPC wallets are mostly niche, custom-made products built on closed-source libraries.

Threshold Signature Schemes (TSS)

Threshold Signature Schemes (TSS) involve a subset of trusted nodes participating in key generation (and signing) events. MPC requires that more than one entity/node/validator is needed to control the wallet's contents; TSS is a subset of MPC. TSS enables multiple entities to collaboratively generate a key and a signature rather than just one party. After the key is generated, no single entity ever holds the full key, and none can sign without the cooperation of the others. A TSS is described by two values, n/t, where n is the number of nodes required to generate a signature and t is the total number of entities involved.

Regulation and Societal Adoption
