Bitcoin security is paramount. A failure to implement best practices can leave you with a total loss. After all, there is no “Bitcoin Hotline” to call when you make a mistake with your wallets.
There are a multitude of ways to secure your Bitcoin, and each one comes with its tradeoffs. Generally speaking, you’re trading more security for less flexibility, and vice versa.
If you’re holding a lot of Bitcoin, then you probably want to spend more time and energy figuring out the best configuration for you. Mrugakshee and my business, (Atlantic Blockchain Company Inc.) hold Bitcoin as our primary cash reserve. We decided to implement a MultiSignature schema for our holdings. This letter explores how, and why we did this.
I have obscured several details of our MultiSig configuration in order to maintain our privacy and security.
What are Keys, Addresses, and Signatures?
In order to understand MultiSig, you need to understand the difference between keys and addresses as well as what a signature is.
Addresses are somewhat like the address for your physical home/location. Your address is “where your stuff is”. You input your address into websites when you order goods to your door. Cryptocurrency can be though to reside “within” an address.
Keys grant you access to the things located at your address. Without your key, you cannot get into your home/condo/apartment. With cryptocurrency, your keys give you access to what is inside your address.
Although this may seem like a stretch, I’m going to attempt to keep the analogy going. A Signature is like the *click* sound you hear when you’ve turned the key in the lock of your home. It is validation that the right key was used to open the door, in turn giving you access to what is inside.
In summary: Cryptocurrency keys are used to produce a signature that proves you own the funds within an address. Put simply, Keys produce Signatures that “unlock” Addresses.
Lifecycle of a Transaction
Let’s explore how addresses, keys, and signatures are used in the lifecycle of a simple transaction.
User has 2 BTC sitting in an address
User wants to send 1 BTC from that address
User creates a transaction that will send 1 BTC to another address (TX Creation)
User generates a signature with their key, which is then added to the transaction, making it a valid transaction that will send the BTC (TX Signing)
User broadcasts that transaction to the network (TX Broadcasting)
The network includes that transaction in a block. At this point in time, the funds are permanently sent (TX Inclusion in Block = Settlement)
Steps 3, 4, 5 typically take place automatically, and “all at once” in most wallets and exchanges.
The important point to note here is that transactions are first “created”, then “signed”, then “broadcasted”, then permanently “settled” when they’re included in a block.
Now that you have an idea as to what keys, signatures, and addresses are, and the role they play when sending a transaction, let’s focus on what MultiSig actually is.
What is MultiSig?
MultiSig is shorthand for Multiple Signature - A key management schema that requires more than one key to unlock funds within an address
Having a single key for your Bitcoin is a security risk because it is a single point of failure. If that key is lost or stolen, then you suffer a total loss on whatever amount of money is stored at your address.
Thankfully, we can use Bitcoin’s cryptographic magic to implement schemas that protect us against having a single source of failure.
How Does MultiSig Work?
Keep reading with a 7-day free trial
Subscribe to Keegan Francis to keep reading this post and get 7 days of free access to the full post archives.