Multi-signature

From Bitcoin Wiki
Revision as of 04:48, 8 March 2015 by Geremia (talk | contribs) (added history of multisig section)
Jump to navigation Jump to search

Multisigniture (multisig) refers to requiring more than one key to authorize a Bitcoin transaction.

Consider the following scenario:

Suppose I am working with a company that wants to accept Bitcoin for international trades.

The company, for security reasons, would not want a single one of its employees to have access to the company BTC wallet's password. Any transaction would have to meet the approval of more than one employee.

Is this possible already? If not, how could it be implemented with public-key cryptography?[1]

Multisig is the the solution to this.

Implementations

Shamir's Secret Sharing Scheme (ssss)[2] is a general software implementation of multisig.

Specific to Bitcoin, GreenAddress.it has 2of3 accounts (requiring at least two of three keys to authorize a transaction). Coinbase also offers 2of3 and 3of5 multisig, which they call Vault.

Multisigniture Addresses

A multi-signature address is an address that is associated with more than one ECDSA private key. The simplest type is an m-of-n address - it is associated with n private keys, and sending bitcoins from this address requires signatures from at least m keys. A multi-signature transaction is one that sends funds from a multi-signature address.[3]

Creating a Multisigniture Address

A 2of3 multisig address can be created by following these steps:[4]

  1. Gather (or generate) 3 bitcoin addresses, on whichever machines will be participating, using getnewaddress or getaccountaddress RPC commands (or copy and paste from the GUI).
  2. Get their public keys using the validateaddress RPC command 3 times.
  3. Then create a 2-of-3 multisig address using addmultisigaddress; e.g.

    bitcoind addmultisigaddress 2 '["044322868cb17d64dcc22185ae2d4493111d73244c3668f8ac79ecc79c0ba8d30a6756d0fa20157 709af3281cc721c7f53321a8cabda29b77900b7e4fe0174b114","..second pubkey..","..third pubkey.."]'

addmultisigaddress returns the multisignature address. Be a little careful, the public keys are raw hexadecimal and don't contain checksums like bitcoin addresses do. You can then send funds into that 2-of-3 transaction using the normal sendtoaddress/sendmany RPC commands, or the GUI (or anything that's been updated to recognize multisig addresses).[5]

History of Multisigniture

Multisigniture has been used for thousands of years to protect the security of crypts holding precious relics of saints. The superior of a monastery would give monks only partial "keys" for gaining access to the precious relics; the monks would not know they only held a partial key. Thus, no single monk could gain access to and possibly steal the precious relics.

References