Monero Multisignature (Multisig) Wallets

By lab | January 3, 2018

Overview

Multisignature wallets are now available in developmental versions of Monero, and should be available in released versions shortly.

TL;DR; Here are the steps to create a multisig Monero wallet.

Before Multisignature

Standard transaction methodology

Using a standard transaction methodology, Alice can exchange money with Bob for goods. I.e. Alice wants a bicycles and has money. Bob has a bicycle and wants money. Nature takes its course and they make an exchange.

Standard exchange process

The difficulty lies in trust associated with the exchange. If Alice and Bob trust one another, no problem. If they don’t, it becomes a child’s game of “no YOU give me the money first”.

Escrow transaction methodology

Hence the use of services like escrow. In escrow a third party receives the money, holds it until the goods or services are rendered, and then transfers the money. It’s commonly used for things like home purchases. I.e.

Alice has money and wants to buy a house. Bob has a house and wants money. Alice pays Carl the money for the house. Once the home inspection passes, Carl transfers the money to Bob and the deed to Alice.

Escrow exchange process

The challenge here is that Carl could at any time steal the money from Alice. He has complete control over it.

Application on Blockchain

Standard transactions on the blockchain

The process applied on the blockchain is very similar.

Alice transfers money to Bob by digitally signing a transaction. The ledger is updated and Bob has access to the money. Bob transfers the bicycle as before.

Blockchain standard exchange process

While this looks similar to something like a trusted-third-party, it’s not. The ledger simply records the transaction. Alice still needs to trust that Bob hand over the bicycle if she pays first. Alternatively, Bob needs to trust that Alice will pay after he hands over the bicycle.

Escrow on the blockchain

While possible, escrow doesn’t really have a technical application on the Monero blockchain. There are options for blockchains using smart contracts (like Ethereum), but using it on Monero requires the use of a trusted third party, just like in meat space.

Multisignature to the rescue

Multisignature (Multisig) wallets have been around in other coins (e.g. Ethereum) for some time. But have recently been added to Monero as well.

Where normal wallets require a single owner to digitally sign an outgoing transaction, multisig wallets require two or more signatures. They also have the flexibility of doing “m-of-n” signatures.

Simple multisig

With simple multisig wallets, two or more entities create a wallet together, where all are required to sign an outgoing transaction. If someone doesn’t sign, the transaction isn’t valid.

I.e. Alice and Bob are married and want to (jointly) buy a car from Carl. Carl won’t accept the funds unless both Alice AND Bob sign the transaction.

Simple Multisig Wallet example

M-of-N Multisig Wallet

M-of-N Multisig wallets aren’t technically any more complicated. Rather than requiring 100% of the wallet owners to sign only some (determined at wallet creation time) owners have to sign.

I.e. Alice, Bob, and Carl own a small business.

Three owners so N=3

In order for them to approve a company purchase, a majority must agree.

Two or more must agree so M=2

They create an M-of-N (or 2-of-3) wallet.

Now, in order for their business to buy printer paper from David, one of the follow conditions must be met:

  • Alice AND Bob sign
  • Alice AND Carl sign
  • Bob AND Carl sign
  • Alice AND Bob AND Carl sign

M-of-N multisig wallet example

But why?

Multisignature wallets are a great option in cryptocurrencies to secure your funds. The theft of a single private key will not allow a malicious actor to transfer your funds from your account.

As always, analyze your threat model to determine the best process for you. Placing one part of your key with a legal representative or in a bank MAY be a good option for you, or perhaps burying it in your backyard is a better option.

Overview complete

Next up, creating multisig wallets for Monero.