We have just added multisig support in the latest version of our Hathor Headless Wallet.
This article gives a general introduction to multisig and what you can do with it. If you’re a developer and want to dive right into it and start implementing multisig yourself, please refer to these links:
- You should upgrade to Headless Wallet v0.14.0 if you want to support multisig
- You must validate all user addresses to determine whether it’s a multisig address or not
- Your data validation must be case sensitive
A multi-signature (multisig for short) wallet requires more than one key to unlock and can drastically improve the security of your cryptocurrency if done right.
A multisig wallet is a wallet shared by two or more users, called copayers. Depending on the wallet configuration, the number of signatures required to sign a transaction will be lower or equal to the number of copayers controlling the wallet.
For example, if you have a multisig wallet shared by three people and all three signatures are required to sign a transaction, we call that a 3–3 (“3 of 3”) wallet. If the wallet only requires two of the three people to sign a transaction, it is a 2–3 wallet.
In our multisig solution, we have chosen to set the maximum number of keys that can be allowed to open a wallet to 16. There is no limit to the minimum number of keys needed to open it. You could, for example, assign five different keys to a wallet but only require three of them to open it, and that would then be a 3–5 wallet.
Please note that if you have created a wallet where every signature is needed to unlock it (such as 3–3), and you were to lose any of the recovery phrases, you will lose access to the funds in the wallet. Therefore you might want to give yourself some leeway and create, for example, a 2–3 wallet so that if there are any issues with one of the seeds, you will still be able to open the wallet.
Should one or more of the seed phrases associated with the wallet be lost, it’s important to replace them in your wallet setup. As a developer implementing multisig on your platform, your UX should allow users to do this.
As a general rule, make sure to design your UI/UX to complete the requirements and risks associated with multisig clear to your users to prevent anyone from losing access to their funds.
From the above, we can see how multisig can be helpful when users need an additional security layer to protect their funds. If one of the keys is compromised, funds will still be safe.
Other use cases include helping with decision-making. Imagine a 5–7 wallet storing joint company funds with keys held by seven individuals. No decisions involving the funds will be made unless the majority of the holders are in agreement. Signing documents could also be achieved using a similar wallet setup.
You could also hold the keys to a wallet on different devices and locations and effectively use multisig as a two-factor authentication method.
Perhaps the biggest benefit of using multisig on Hathor is the feeless part. A multisig transaction includes more signatures, resulting in a larger transaction (in bytes), which means you’re paying more when sending multisig transactions. The more keys involved, the higher the fee.
At least this is true for Bitcoin and other chains. Luckily for you, Hathor is a feeless network so none of this matters to you. All transactions are free.
The greatest advantage of using multisig, in general, is definitely the security aspect of it. By not relying on a single private key to open a wallet, you remove the dependency on one person and device, making attacks difficult and leaving less room for error caused by losing or forgetting your keys — all very common reasons for the loss of crypto funds.
Ironically, security can also be the most significant disadvantage of multisig, especially from a user point of view. Take custody of funds, for example. If something goes wrong with a wallet with multiple keyholders, getting legal help might prove a challenge as there are no legal custodians of funds deposited into a shared wallet with multiple keyholders, and the whole concept of blockchain and multisig is quite new to most people.
Transaction speed can be another pain point. When signing a transaction often depends on several people, third parties, and multiple devices stored in separate locations. This will necessarily impact speed. Recovering a multisig wallet can also be a tedious process for the same reasons.
As a developer offering multisig as part of your product, you need to consider these aspects to make the UX seamless for your users. Setting up a multisig wallet shouldn’t require any technical knowledge or be more complex than creating a regular wallet.
We recommend avoiding referring to concepts such as N-out-of-M wallet configurations, P2SH, and P2PKH output scripts, address types, and derivation paths when talking to your users. Go easy on the technical jargon and design your UX to remove any hurdles and traps for your users.
PS: A UI for multisig may be added to our desktop and mobile wallets later. We chose to implement it in the headless wallet first, as this is what most use cases in need of multisig are using for their integration with Hathor.
PS2: Also, read our article on Hathor Wallet Security Best Practice.
Hathor Network is a PoW-based novel distributed ledger architecture that combines DAG and blockchain data structures. Our network’s unique design is built with scalability, usability, and decentralization in mind, and solves significant bottlenecks preventing the broad adoption of the technology.
Hathor Network has been on mainnet since January 2020, experiencing exponential growth in the number of custom tokens, active wallets, and mining hash rate.