• Multisignature security (“multisig”) offers a different set of security guarantees than single-signature (singlesig) solutions.
• Multisig wallets are more secure, as multiple entities are involved and there is less trust in any one entity.
• Setting up and using multisig can be operationally more time consuming, so it should only be used for long-term HODLing.
What Is Multisig?
Multisignature security, or “multisig,” is a wallet that can talk to multiple signing devices and coordinate between them for signing transactions (generally using the PSBT format). In comparison, a singlesig wallet talks to one signer only. The singlesig wallet is also often the signer, meaning the keys are hot.
Advantages of Multisig
The advantages of having multiple signers are to reduce single points of failure and increase redundancy in your setup. By having multiple entities involved, users can minimize trust in any one entity as well as increase their overall security posture.
Considerations For Bitcoin Custody
Setting up and using multisig can be operationally more time consuming and include more pitfalls if not done correctly. Therefore, it is recommended that users only consider multisig for long-term HODLing where regular transactions are not anticipated. A robust multi-vendor multisig setup requires hardware from at least two vendors; thus incurring costs associated with hardware procurement and maintenance which should also be considered before opting for multisig custody solutions.
Common Examples Of Attacks On Multisigs
Common examples of attacks on multsigs include social engineering attacks such as phishing scams or other malicious attacks targeting specific individuals who have access to part of the wallet’s private keys. These types of attacks may lead to stolen funds if they are successful in acquiring access to an individual’s private key or device containing it. Additionally, compromised hardware devices used in a multi-device setup could also lead to stolen funds if attackers gain control over it without being detected by the other signers participating in the system.
In conclusion, while singlesigs provide basic bitcoin custody options when managing small amounts, I believe that anyone holding a non-trivial amount of bitcoin for the long term should evaluate a multisig option due its added security features such as reduced single points of failure and increased redundancy within its setup process. However, it is important to keep in mind all considerations associated with setting up a robust multi-vendor solution such as costs associated with hardware procurement and maintenance before opting for a multi signature custodian solution.