What are multi-signature addresses?

Multi-signature addresses are a special type of cryptocurrency addresses that make it possible to control funds on a community basis. This occurs when you need two or more people together with your crypto signatures to be able to unlock the funds that they contain.

LThe multi-signature addresses are one of the most interesting features that it has Bitcoin and other cryptocurrencies, . These types of cryptocurrency addresses have the ability to be managed by many people at the same time. This is because multi-signature addresses base their operation on multiple cryptographic signing.

let's remember that when making a transaction, the address we use generates that transaction and we need to sign it cryptographically. Without this, said transaction can never be processed by the network and included in the blockchain. Well, this mechanism can be improved in terms of security to the point of creating an address that needs several cryptographic signatures to be valid for the network. This is because the control of said direction it is collective.

A simile of the "offline world" can be found in safes. There are some that require several keys to be able to be opened. But in cryptocurrency this mechanism can be configured at will. In fact it is possible to configure the minimum number of signatures that will be needed to authorize the transactions. That is, you can create a multisignature address from three keys, but it needs only two of them (no matter which ones) to be able to open. This is what is known as a “2 of 3 multi-signature Bitcoin address”. And in the same way they can be 3 out of 5, 4 out of 7, 6 out of 10... or even 2 out of 2.

In short, to create a multi-signature address, you need to indicate how many will be the participants. This in addition to what is the minimum number of participants that will be necessary to authorize the transactions. And of course, as with normal addresses, creating a multi-signature address is free and you can create as many as you want.

Now, let's know what other advantages these types of addresses have and the enormous potential that they allow us to explore.

Use cases of multi-signature addresses

You may wonder: why do we need multi-signature addresses in cryptocurrencies? What utility can they present to us? Well, this is yet another functionality of cryptocurrencies, such as Bitcoin. In fact, it is a very useful, practical and revolutionary functionality in certain cases. Below we will leave you three simple to understand use cases, which are also three of the most common:

Collective authorization

One of the most common uses of multi-signature addresses is the ability to manage a cryptocurrency fund among multiple people. Some of these cases may be the following:

1. A company that wants all payments to be authorized by more than one person, ensuring that said funds cannot be manipulated by a single person.
2. An application that requires the authorization of third parties (which may or may not be computers, for example IoT devices - Internet of Things). For example, the release of a deposit when the rental car is returned and detected by a computerized parking lot.
3. A couple where both must authorize a household expense.
4. The piggy bank or piggy bank of a child that requires the authorization of his parents.
5. An NGO that seeks to give, in addition to transparency, the assurance that money cannot be suddenly spent by a single person.
6. A crowdfunding or ICO (Initial Coin Offering) to give the investor security by showing that he is not going to run away with the investors' money without doing anything.

2. Security

Another of the great uses of multi-signature addresses is to improve security schemes in the handling of cryptocurrency funds. The advantage here is clear: in a multi-signature address you need 2 or more digital signatures for an operation to be valid. In this way, if for example one of these signatures were stolen or hacked, it would be impossible to move the cryptocurrencies because the address is unlocked with more signatures.

The scheme is perfect for companies or people who store large amounts of money, such as exchanges. In this way, an exchange can safeguard its cryptocurrencies in a multi-signature address that needs 2 or more signatures to unlock. Even this process allows them to store the keys in different places and formats. In this way the typical situation of the single point of failure.

But let's do a clearer exercise. For example, in an address 2 of 3, you could have a password on your mobile phone, the other one printed on paper and hidden in your parents' house and the third one, printed and kept in a safe in a third place. Suddenly you have a cold wallet, but multi-signature: much safer. This means that if someone wants to rob you, they should corrupt the security of two of the sites. If for some reason any of the keys stops working, you will have two to immediately create a new multi-signature address and, with the two keys, move the bitcoins to the new address.

You can complicate or simplify the example as much as you need.

3. Arbitration without trust

An arbitration process allows a third party to act as a judge to determine the outcome of a transaction between two parties. For example, if one person sells you something, you can send the money to a third party and, when the other person sends you the product, the referee gives him the money. Of course, the referee must be a person of trust for both parties and totally neutral.

This is not a mystery and could be done without multisignature. But thanks to the multisignature, the "no trust" part is added. Let's see why.

In the scenario presented, let's imagine that we create a multi-signature address 2 of 3 for the transaction. Well, only if two of the three agree, the money could move. None of the three separately can keep the money, forcing them to try to find the best solution. This is something that we can see in the games theory.

A simplified simile of the traditional world are the payment letters. A financial instrument managed by banks, where it is the bank who acts as an arbitrator between both parties. A process where you can only depend on highly reputed companies such as the bank, who take advantage of this precisely, since he is the one who has total control of your money, also charging a huge commission for it.

Suddenly you don't need the bank. Bitcoin allows you to do this without highly reputable figures storing your money, users are able to self-organize.

In fact, this scenario is a very common practice in many platforms that sell products or services between individuals and support Bitcoin as a means of payment. Even in the most innovative, such as decentralized ones. You can see the chapter dedicated to openbaza is.

4. Creativity to power

Those who are able to understand the essence of the concept of multi-signature addresses will be able to find new practical use cases where frictions are eliminated from traditional processes, saving time, eliminating intermediaries and, consequently, eliminating costs.

What is the process of creating a multi-signature address?

Currently, and as we will see below, there are purses that avoid you having to understand the process of creating a multi-signature address. Press 4 clicks and you're done. But if your wallet does not provide it, you are a computer programmer or, simply, you are curious, here we explain the process that is followed to create a multi-signature address:

1. To create a multi-signature key, it is necessary to have as many Bitcoin addresses as participants you want to manage it. Imagine that we are going to make an address 2 of 3, since we will need three addresses (two of them will be necessary to authorize).
2. Once the addresses have been created, the public keys of the three are delivered to one of them.
3. With the three public keys and indicating the number of minimum keys that will be necessary, you can create the address P2SH (the multi-signature address starting with "3").
4. After this, any one of the three people can start a transaction. For this you must sign it with your individual private key and pass the result to the next person (no matter what the order of the people is) so they can sign it with their private key.
5. As in our example only two signatures are needed to authorize, this second person could sign the transaction and send it to the Bitcoin network.

If you realize, only the public keys of the addresses have been used, never the private keys that only have their respective owners.

If you are a computer scientist, there are libraries in almost all programming languages ​​(and there are even commands in the wallet itself Bitcoin Core) to abstract from the mathematical formulas and where you only have to indicate the elements mentioned above. With this you can create new ideas.

Furthermore, this link You can put the aforementioned to the test and do manual tests with the creation and management of multi-signature Bitcoin addresses, and all this at the click of a button.

Knowing P2SH (Pay To Script Hash), the origin of multi-signature addresses

In Bitcoin there are so far two types of addresses:

• Standard addresses, for example this "15Cytz9sHqeqtKCw2vnpEyNQ8teKtrTPjp«. These are technically called as P2PKH (Pay To Public Key Hash) and start with "1".
• Multisignature addresses, for example this "347N1Thc213QqfYCz3PZkjoJpNv5b14kBd«. Which are technically called P2SH (Pay To Script Hash) and start with "3".

The most common use of P2SH addresses is multi-signature addresses, but it is important to note that this is not their only use. Therefore, although usually when we see a Bitcoin address that begins with the number "3" we tend to think that it is a multi-signature address, this is not always the case.

All addresses beginning with "3" are P2SH addresses. All multisignature addresses begin with "3". But not all addresses that start with "3" are multisignature addresses, in their case they can be SegWit addresses.

The origin of multi-signature addresses

P2SH addresses were developed by Gavin Andresen And, among the many uses it has, they can be used as multi-signature addresses. The idea was presented in March 2012 through the BEEP16. A month after the publication of BIP16, in April 2012, P2SH addresses were implemented in Bitcoin.

Until that date there were only standard addresses, the type P2PKH beginning with "1". However, this does not mean that until the appearance of P2SH addresses it was impossible to create multi-signature addresses. It was possible, but they had to be done in a very crude way and there was no standard, agreed process for creating them.

It was on the block 170052 (March 7, 2012) when a transaction was received at a multi-signature address for the first time in history. The address was 342ftSRCvFHfCeFFBuz4xwbeqnDw6BGUey. However, it was an address created without following the BIP16 standard, although, as we can see (beginning with "3"), it did follow the BIP13 standard.

The ability to carry out collaborative transactions in a decentralized manner is an incredible technological innovation, but it is an innovation that is motivated by a practice hundreds of years old: in the Middle East, those who guarded crypts and security cameras kept treasures with doors that needed multiple keys to be opened, in this little video you can see it.

It is thanks to the magic of cryptography (using the Shamir's shared secret scheme) and computing what has made this ancient practice can be taken to a new level.

Using multi-signature addresses in Bitcoin

Bitcoin is the cryptocurrency queen in the use of multi-signature addresses, being the first to implement them. That is why there are currently many wallets for this cryptocurrency capable of managing these types of addresses.

Among the different wallets that allow this functionality, we have filtered 4 in order of preference:

• Copay (Android, iOS, Browser Extension, PC. Light wallet.)
• Electrum (PC. Light Wallet.)
• Armory (PC. Full wallet.)
• GreenAddress (Web)

At Bit2Me we really like Copay, because it leads to extreme simplicity in managing multi-signature addresses. Copay is a wallet that works thanks to BitPay servers. These are the ones that are concerned with orchestrating and simplifying the exchange of the necessary information between the participants of a multi-signature address. However, both for the management of this type of tasks and for the simple fact of being a light purse, privacy leaks. So you should keep this in mind if you want to keep your privacy protected at all times. Otherwise, if you want maximum control, it is best to use the Bitcoin Core wallet.

How do hardware-based wallets fit in with multi-signature addresses?

Very easy. As we have said before, a multi-signature address is created through the public keys of different Bitcoin addresses. This means that you can use the public key associated with the private key that manages your hardware wallet to create a multi-signature address. If you don't know what hardware-based wallets are, how they work or which are the most prominent, go to our guide chapter dedicated to hardware wallets.

CLTV: Check Lock Time Verify functionality

Bitcoin is possibly the best money there is till the date. What's more, its innovation is so dynamic and exciting that, in a single month of innovations in Bitcoin and Blockchain technology, it far exceeds all the financial innovation that has occurred for centuries, and another proof of this is the functionality called CLTV.

It is a proposal presented in the BIP65 by Peter Todd and which speaks of the ability to allow a specific date to be effective in a transaction (that is, the date on which the recipient will be able to use the funds sent).

CLTV combined with multi-signature allows a 2 of 3 multi-signature address to become 1 of 3 after a certain date. Being able a person to recover the funds before certain conditions previously agreed and that are defined in the transaction due to the capacity of being Bitcoin programmable money.

Again, use cases depend more on the imagination than on anything else. For example, the aforementioned case of the piggy bank: a multi-signed Bitcoin address with CLTV activated can be used as a piggy bank for a child who, until he turns 18, needs the authorization of at least one of his parents, but once when he is 18 he must obtain individual control. If you want to know more about CLTV we recommend this post de BitcoinMagazine where it is explained in more detail.

As you can see, the technology of multi-signature addresses opens a whole new range of possibilities for cryptocurrencies. A range that goes beyond Bitcoin and that would undoubtedly allow us to offer better options to develop a whole range of services around them.