Multi-Sig as a second layer of securing crypto
Multi-sig is sort of similar to introducing a two-factor authentication or is comparable to 2F for crypto. Multisig addresses can be applied as a form of 2FA in blockchain although services such as BitID or Civic and other blockchain-based identity platforms can be applied as blockchain-based verification methods that serves the purpose of 2F verification such that customers can first of all register their identities on blockchain and the private IDs associated to the real blockchain identities to login into services without revealing actual identity.
It can be used to secure devices and accounts in place of the now insecure SMS verification options and call verification options.
However, the mechanism should also be used responsibly because for instance, if the access level is set at 2-of-2 multisig addresses and one happens to get lost, the actual owner is locked out from accessing their funds. Plus it might require some technical knowledge to set up for people who do not want to rely on third party providers.
MultiSig can be used in the following circumstances in order to add a second layer of security for crypto in case of eventualities.
- Securing crypto with personal wallets
As said earlier, a crypto wallet or app that supports multisig wallets and addresses or that has this feature, will allow you as the wallet user to create several private keys although there will be only one public address. With multisig wallets, you choose the number of private keys you want to generate and the number of keys that can be required to authenticate or allow a transaction.
If you choose to generate 3 private keys for instance and you choose two addresses to be required to authenticate or permit the a transaction on the app, for instance to grant permission to or allow for sending of crypto to other addresses, then one -- your main key -- may be stored on your phone or other device (either saved automatically or as a keystore file downloaded by the app user) that you are accessing the service/app from, the second is usually given to an authenticator service many of which work similar to Google Authenticator, and the third is your backup key that you may write down in readable format (words and letters) and then store it in a safe place such as a safety deposit box.
- Group/co-ownership of assets, family and company wallet addresses
A single-key address is not ideal for crypto company and business situations involving cryptocurrencies. That's because for one, crypto tends to be co-owned by many investors, customers or whatever; two because managers in a business owning crypto reserves may be willing to share spending decision making or require to authorize transaction decisions; three to safeguard situations where trust can be an issue where the company may want to not have one person controlling the crypto or spending; four because a single person controlling private key may at one time or the other lose those key or lose their devices and therefore be locked out, paralyzing the activities of the company; and five because a large amount of crypto may be involved in these scenarios.
- Multisig wallets for escrow services and fund-related arbitration
Escrow is a big bet for online businesses and services. Creating 2-of-3 multisig crypto wallet can allow for more trusted escrow transactions between two parties with a third party acting as a trusted arbiter between the other two parties agreeing to a transaction.
- Multisig to help manage, control and secure company/group funds
Implementing a multisig wallet to secure company funds follows almost the same route and example: a company decides which parties and how many to trust with the keys and how many and who would be involved in the verifying of the transactions such as related to the company operations like withdrawals. So long as there is no likelihood of collusion.
How to create multi-sig wallets
The address standard P2SH is commonly used for BTC multi-sign wallets and many wallets do provide support for this standard. Most or all of these wallets and services/apps have information on how their software can be applied for setting up a multisig wallet. The first decision to make is one related to how many private keys to use and who you should entrust with those keys.
The different individuals or devices that are involved in the multisig wallets are known as co-signers.
For Electrum, the process of creating a multi-sig wallet is a three step process, where the parties or co-signers generate their seed and their master public key (MPK) each, then each communicates their MPK to their co-signers and receive their NPKs from them, and then they all create the final wallet and verify that the addresses the co-signers are receiving are the same as those they are getting.
Additionally, one seed set is not enough to recover or restore the wallet; co-signers will need to write their own seed each too and to cooperate with other co-signers during when it is time to restore the wallet. The MPK is public and can be shared publicly such as through emails. Parties are, however, not supposed to reveal their seed to each other.
Drawbacks of current multisigs
Multisigs are too expensive and probably too hard to use right now. This is one of the reasons they are not popular among crypto users today. In addition to this, not all wallets do have this functionality. Multisig setups are also less attractive because each of the transaction contains multiple signatures and private keys to manage by many people; thus they are therefore less attractive to users.
Furthermore, crypto is not applied widely or adopted widely in use cases/areas/industries where multisig wallets would be quite helpful for business: this is due to low crypto mass adoption. Besides, while Bitcoin’s latest Segwit handles signature data in a manner that allows for cheaper multisigs, it is not supported by many wallets.
Therefore, multisigs also have low adoption in areas they would be quite helpful. For instance, it would be a greater benefit if they would have been implemented in international trade or crypto funds use cases that require escrow services or distributed storage and management and where safe and distributed storage/management would be a necessity and not an option or alternative.