Multisignature Wallets – Are we there yet?
2014 has long been touted as the year of the multisignature wallet. The rise of multisig has been substantial, but the most popular implementation is quite surprising.
As the year draws to a close, it’s a good time to look back and see if the commonly-held prediction of 2014 has come to pass. “This is the Year of Multisig” bitcoin developer Gavin Andresen confidently stated at the Bitcoin2014 conference in Amsterdam, time and time again we have heard the same from leaders in our industry.
Like most everything else in the bitcoin world, so much is going on, and everything is happening so fast that it’s quite hard to keep up with the latest developments. The progression of Multisig adoption and use is no exception. Implementation of multisignature security is growing, and the promise of multisig safety is here now.
Measuring Adoption
The number of people choosing multisig wallets over standard (single key) wallets is steadily on the rise. One handy resource that tracks multisig adoption is the website P2SH.info. This site searches the bitcoin blockchain for a certain type of transaction that could only be multisig addresses transacting bitcoin, and then it counts the loot per transaction. According to their charts, the number of transactions went from about 200 per week, at the start of the year, to over 8,000 per week now. In that same time the average transaction volume per week increased from well under a bitcoin to over 300,000 Bitcoins.
It seems clear that people are starting to try out multisig wallets and use them to hold larger and larger amounts of their savings. At the time of this writing, 738,608 bitcoins are in these tracked addresses. There could be a lot more in total, because this service doesn’t track an older style of multisignature address that the developers are actively trying to retire.
As more wallet and exchange services come online offering multisig support, we should expect the rate of adoption to increase even faster, until multisig is the standard for almost all wallets.
What the charts above don’t tell us however is how the individual users and services have configured their wallets for security. There are many different ways to do so, from setting the number of keys, enabling two-factor identification, (2FA) restricting the platform, to setting the rules on when and by whom the transaction is to be signed. Adding 2FA to any wallet adds another layer of protection. In essence, 2FA acts like an extra key, in your control, as part of the multisig transaction.
How many Keys
The bitcoin protocol allows for multisig wallets that can have up to 15 keys in total generated, and you get to choose how many keys need to be present at the time in order for the spend to be approved. For instance, a family of four might make a 3-of-4 “vacation wallet” where everyone has a key but at least three keys are needed to spend the funds inside, in a sort of democratic bitcoin bank account. Meanwhile a boardroom with 15 members might need to pass a vote with at least 12 ‘ayes’ before they can spend from their fund, so a 12-of-15 wallet would be ideal for them. (Not to mention, outrageously secure from hacking.)
The most useful arrangement of multisig wallet to the mainstream today is the 2-of-3 wallet, meaning that there are three keys in total, but it only takes two keys to sign transactions for spending from that wallet. The reason this style is the most useful so far is because it is more safe for you to have your wallet provider hold only 1 key to perform its’ service, while you control enough keys to be able to take our wallet elsewhere if anything should go wrong. (Such as when the wallet provider goes out of business or is hacked.)
With this 2-of-3 wallet we can hold on to two of the keys and be in total control over the fate of those coins. The wallet provider will not be able to spend any without one of our two keys being presented at all, but we can spend without them if we need to. Since we can simply print out that third key, and keep it stored away from our computers, even a hacker on your computer that finds your private key there won’t be able to spend it alone themselves.
Oddly enough, 2-of-2 has been the most popular wallet arrangement, at least in terms of how many wallet providers are using it. These wallet services hold on to one key, you have the only other key, and it takes both to sign any transaction. No backup key.
This presents a situation where the advantage in using multisignature wallets is minimized. With no backup keys you would only be protected against a hacker on your local machine. There is no protection against any bad action from, or complete loss of, your wallet provider. Nor is there protection from even a simple loss of your own key. Still, for people whose chief concern is hacking, but with little fear of losing either their key or their wallet provider, this arrangement may still look enticing.
All the rest of the modern multisig wallet offerings have arrangements that are only marginally used so far. Of these two main arrangements, there are already a few good options out there now.
Wallet Provider Security
The promise of multisig is that it makes various security concerns like getting your computer hacked and wallet emptied a thing of the past. In theory it certainly should; 2014 has certainly seen its share of adoption and implementation of the often overlooked, and sometimes poorly implemented security feature. Multisig is powerful, it’s here now, and its here to stay. With proper implementation and understanding you can secure your bitcoins, implement structured business accounts, provide transparency, create interesting new estate plans, and even democratize the family vacation funds. But most importantly, with a well-designed multisig wallet, you can sleep well at night knowing your coins are safe from every conceivable threat.
Brave New Coin reaches 500,000+ engaged crypto enthusiasts a month through our website, podcast, newsletters, and YouTube. Get your brand in front of key decision-makers and early adopters. Don’t wait – Secure your spot and drive real impact in Q4. Find out more today!