Du kannst diesen Artikel auch auf Deutsch lesen.
For most people, using a hardware wallet with a single wallet backup is more than enough. It’s secure, easy to understand, and there is little room for error, which makes it both a great starting point for beginners while still being a solid solution for more advanced users.
However, some users have more specific needs when it comes to securing their bitcoin. To increase the security (and complexity) of a wallet setup, multisignature wallets can be considered the “holy grail” of wallet security, as they’re a widely established standard that can be fine-tuned to very individual needs.
The title of this blog post is, of course, a bit exaggerated. It’s virtually impossible to bundle every important aspect and all the interesting possibilities multisig has to offer into a single eight-minute article. Instead, let’s focus on the basics and explore how multisig works and whether you should or shouldn’t make use of this advanced security feature for your Bitcoin wallet.
How multisig works
Usually, the conditions for sending bitcoin are quite simple: a single digital signature is enough to spend them.
A multisig wallet can extend this condition to multiple required signatures, for example, from multiple hardware wallets, each with their own wallet backup. Not only can you increase the total amount of wallet backups this way, but also set a custom signature amount, also known as the threshold. This means that a wallet can for example require 1 out of 2, 5 out of 7 or even 14 out of 15 keys to sign a transaction!
As an example, a common setup many users go for is two out of three: Three different wallet backups on ideally three different hardware wallets can be used to create a transaction, but only two of them need to sign the transaction for it to be valid. In the example below, the third hardware wallet can act as a backup, should one of the other two devices become unavailable.
What separates multisig from other approaches like simple splitting of backups or an optional passphrase is that it’s enforced on the network level: A Bitcoin transaction will simply be rejected by other nodes in the network if it doesn’t meet the required conditions.
This threshold can be arbitrary, e.g. 1-of-2, 2-of-3 like above or even 3-of-5. Of course, the more total backups you go for, the more difficult and expensive it gets to keep track of them and store them somewhere safe, so you should try to be reasonable here.
Who multisig is for
Personal multisig setups typically share a common goal: increasing security. This goal is not one-dimensional, though, as it can be achieved through a combination of several benefits, depending on what you’re aiming for:
- Redundancy: The custom signature threshold can be used to add redundancy to your wallet setup. If there are more total backups than signatures required for a transaction, it’s safe to lose access to some backups (e.g. through theft), as long as enough backups are still available to meet the threshold.
- A second factor: Similar to how an optional passphrase can be used as a second layer of authentication to get access to your coins, multisig wallets require access to different wallet backups and devices. If an attacker doesn’t control enough backups for a valid transaction, they cannot steal your coins.
- Multivendor: If you want to avoid relying on a single hardware wallet manufacturer, using multiple different devices in a multisig wallet can reduce the risk of one device’s vulnerability putting your coins in danger. Note that this also increases the total attack surface of the wallet setup.
- Plausible deniability: A single hardware wallet can be used as a “normal wallet” and be part of a multisig setup at the same time. The user can hide their real treasury on the multisig wallet and use the singlesig wallet as a decoy for potential attackers.
There are many more creative and powerful ways of using multisig wallets for other use-cases, with a few examples being:
- Inheritance plans: Using multisig in combination with more complex conditions can enable very specific inheritance planning. For example, a father and mother could each have control over a wallet on their own, while their children can only access it together and after a certain amount of time has expired. See our blog post on using the BitBox02 with Liana.
- Shared ownership: A company wallet can be controlled by multiple people in executive positions, ensuring no single person can go rogue and make financial decisions on their own.
- Lightning: The Lightning network, which enables fast and cheap Bitcoin payments, is essentially just a large collection of carefully configured and regularly updated multisig wallets.
- and so much more…
If you can see yourself benefiting from one or more of these points, keep reading! There are some important aspects to consider before making the decision to switch to a multisig wallet.
What to keep in mind
Setting up a multisig wallet is one thing, but using it securely without undermining the main benefits is not as easy as you might think. There are multiple pitfalls when it comes to using a multisig wallet, which can make it a difficult recommendation for beginners.
Let’s look at a brief excerpt of some potential risks. This is by no means a complete picture, but more like a starting point to get an idea of how complex the risks and their mitigations can get.
Cosigner verification
A receive address of a multisig wallet is special: It contains information about multiple independent keys, which determine the conditions on how the bitcoin can be spent. Making sure these receive addresses contain exactly the spending conditions you want them to, is crucial for the security of the entire setup.
When using the multisig wallet for the first time, all extended public keys (xpubs) of all cosigners need to be carefully verified on all devices, to make sure that no information was manipulated along the way. This also makes it essential for hardware wallets used in a multisig setup to have a secure display.
The BitBox02 allows you to register up to 25 different multisig setups directly on the device – an important security feature you should look out for when choosing your signing devices. This ensures that any changes to the setup after the initial verification can be detected by the BitBox02 itself, without having to do a cumbersome manual check each time (which most people would likely neglect at some point).
Incomplete backups
Staying with the topic of receive addresses, there is another essential aspect to keep in mind: While the chosen signature threshold (e.g. 2-of-3) determines the conditions for spending, this does not apply to recovery of the wallet.
To rebuild receive addresses of your multisig setup and to be able to prepare transactions to spend from them, your wallet software requires access to all public keys used in the setup. This is why you should always make sure to back up all of your extended public keys on every individual backup. Since this information is not secret, you can, for example, safely print it from your host device. Be aware that anyone with access to these public keys can see your transaction history and balance.
Malicious cosigners
While no single cosigner can spend bitcoin in common multisig setups like a 2-of-3, they still have a certain amount of influence.
For example, a single malicious cosigner could communicate a manipulated extended public key to the other signers, pretending it belongs to the user’s backup. This way, the user’s funds could effectively be locked up in “the wrong wallet” as part of a ransom attack.
There is no way for the other signers to notice this, except if they derive the extended public key from the backup themselves – which, however, would defeat one of the multisig benefits. This is why you should refrain from mixing potentially compromised cosigners (e.g. a hot wallet on your computer) with secure ones (hardware wallets). A good rule of thumb is that you should be relatively comfortable with using each of your cosigners in a normal wallet setup as well.
Find out more details in our dedicated blog post on multisig pitfalls.
Getting started
You understand how multisig wallets work and feel comfortable managing the risks associated with them? Great! If you want to get started creating your own multisig wallet, the BitBox02 is a great option, featuring on-device setup registration and compatibility with lots of different wallet software.
Check out our extensive guides on creating a multisig wallet with your BitBox02 and…
Conclusion
Multisig is one of self-custody’s most powerful tools when it comes to increasing the security and individuality of your wallet setup. Just like with most things in life, it can be a double-edged sword, with several pitfalls and risks that come with it and may lead to costly mistakes.
If you’re interested in using multisig for your own wallet, don’t be scared by all the disclaimers and warnings, though. If you take the time to learn the essentials, multisig can be a great way to improve the security of your bitcoin even further. No matter what your specific requirements may be, the BitBox02 is built to make your multisig experience convenient and secure.
Frequently asked questions
What is a multisig wallet?
Multisig wallets are considered more secure because they require more signatures from different private keys for a valid Bitcoin transaction. The amount of backups and signature limit can be adjusted, making multisig a very flexible and powerful tool.
What are the benefits of multisig?
Benefits of using a multisig wallet include more redundancy for your backups, adding a second factor of authentication and plausible deniability. Using hardware wallets from different vendors can also reduce the risk of a "single point of failure".
Are there downsides to multisig?
There are several pitfalls when using a multisig wallet, which are important to understand, in order to use multisig securely. Among these are the verification of public keys (xpubs) and careful creation of backups.
Can I use the BitBox02 for multisig?
Yes, the BitBox02 can be used with multisig wallets using third party wallet software. The device can register up to 25 unique multisig setups, making verification easier and more secure.
Don’t own a BitBox yet?
Keeping your crypto secure doesn't have to be hard. The BitBox02 hardware wallet stores the private keys for your cryptocurrencies offline. So you can manage your coins safely.
The BitBox02 also comes in a Bitcoin-only version, featuring a radically focused firmware: less code means less attack surface, which further improves your security when only storing Bitcoin.
Shift Crypto is a privately-held company based in Zurich, Switzerland. Our team of Bitcoin contributors, crypto experts, and security engineers builds products that enable customers to enjoy a stress-free journey from novice to mastery level of cryptocurrency management. The BitBox02, our second generation hardware wallet, lets users store, protect, and transact Bitcoin and other cryptocurrencies with ease — along with its software companion, the BitBoxApp.