Multisig Bitcoin
Multi-Signature Wallets
We’ve noticed a really interesting three-point pattern in the bitcoin exchange marketplace that goes something like this:
- Exchange proclaims that 95% of bitcoin are held in cold storage
- 5% of bitcoin held in hot wallets turn out to be more like 11% when they are stolen
- Bitcoin exchange announces integration with bitgo multisig enterprise solution to secure their hot wallets.
Retail wallet holders, on the other hand, have been slow to adopt this pretty user-friendly and intuitive technology and that, dear reader, should change starting with YOU!
Multisig wallets not only add an additional layer of security against cyber theft, they protect us from that most cruel of adversaries – our own fallibility. Multisig wallets exploit a feature known as Pay to Script Hash (P2SH), which allow bitcoin transaction authorization by more than one private key. There are variations of the exact methodology, but the general concept is a three private key scenario in which the first key is stored client side, the second key is stored server side by the wallet or third party security provider, and the third key is stored stored securely offline by the user as a backup. Thus, if a catastrophic event ever befalls the wallet provider, the user has an additional key; if the user loses one of his keys, he also has an additional backup.
In practice, works like this. Let’s imagine Fred would like to send Paula 20 bitcoins. He would sign the transaction with his private key, which would send the transaction data to the wallet provider. The wallet provider would run the transaction through a risk management process, which would assign a risk score to the transaction. Any number of factors could be taken into account – IP, amount of transaction, time of transaction, size of transaction, the list goes on. Depending on the risk score, the service provider might do anything from asking for two-factor authorization to manually contacting Fred to make sure he is not the victim of a hack. There are variations on the above, otherwise known as “m of n signatures”, in which “n” represents the total amount of keys created and “m” represents the number of signatures required to authorize a transaction.
One connected but off-topic point. The rise of multisig wallets allows for more advanced escrow services that can be used to offer additional consumer protection when paying merchants with bitcoin. The irreversibility of bitcoin transactions has greatly reduced the cost of processing payments for merchants. However, the lack of a chargeback option could be exploited by unscrupulous merchants. With multisig, funds could be held in escrow until, for instance, a delivery of a good is made, triggering a second signature needed to release funds.
Have a look at the different multisig wallets available.