Crypto Best Practice — Always Use a Multisig Wallet

Ever get that sinking “oh-shit!” feeling in your stomach? Getting your private key either stolen or lost will do it. Take this good practical advice. It is simple, will make you sleep better at night, and can save you a lot of abdominal discomfort.

Three helicopters brimming with armed security personnel hover above the building, while the rooftops of adjacent buildings are decked with specially trained sharpshooters. Meanwhile, down at street level, more armed guards and police units encircle the building in concentric rings. Police cars and motorcycle units line the streets from the building.

At street level, an entourage of SUVs lines up outside the heavily guarded building. This is a big deal, but the commotion is not for the President or a VIP of any kind. The building's main tenant is the Trust Company Bank. Are the Royal Jewels making a visit or on loan? Maybe it's the Hope Diamond, the single most valuable gemstone, priced at about $350M.

The crucial moment arrives as the super-secured bank vault opens. Three specially designed portable safes are quickly whisked into separate waiting SUVs, each accompanied by a security detail. The three SUVs take off, breaking off onto separate routes along with a carefully choreographed assemblage of escort vehicles.

The three portable vaults reconvene at their new home, considered the 3rd most secure vault in the US, right behind Fort Knox and the Federal Reserve Bank of NY, respectively.¹ This is the famed Coca-Cola formula. The 129-year-old recipe is one of the most highly guarded, and has stayed the same except for some minor tweaks such as the removal of cocaine, from which the names Coca and Coke are derived.

What is intrinsic value but the perception of its value by its owner or buyer? And so it is as the secret Coca-Cola recipe is taken to its new home, the specially designed vault at the World of Coca-Cola. Only three people, Coca-Cola executives, have access to the famous formula, but no single person has access to the complete ingredient list. Instead, it requires two of the individuals to combine their partial formularies to complete the full list. Safety, security, and redundancy ensure the continuity of a $217B company.

Truth be told, it was a well-planned publicity event, and even if the recipe were leaked, it's highly doubtful that it would impinge on Coca-Cola's market or valuation. Nevertheless, Coca-Cola provides a good practice for keeping something that is very valuable to all crypto asset holders: your private keys.

Play it Safe

The Coke formula tale is a useful analogy in the management of digital assets, specifically the private key to a wallet. Two of the biggest risks in managing your digital assets are 1) theft of the private key, and 2) misplacement, or loss, of the private key. Unfortunately, this occurs quite frequently in crypto management, or shall I say the lack thereof. Also, there is an increasing interest in DeFi-based platforms, which shifts the responsibility for private key management more towards the user. The practice is perfect for escrow and estate planning purposes. One of the leaders in this developing field is Octowill. Octowill is an estate planning service which is the leader in remaking the industry to become more efficient and less susceptible to losses from mishandling, by both ineptitude and fraud, by implementing multisig wallets in their services. Multisig is a critical feature in crypto adoption.

The introduction of the multisignature scheme, or multisig for short, allows a group of users to constitute a quorum that is required in order to authorize a transaction, usually the withdrawal or transfer of the digital assets. Deposit transactions do not require signing and are therefore not relevant here.

Multisig wallets are denoted by an m of n signatory scheme. Let's take an example of a 2 of 3 setup, which means that there are three (n) possible signers, of which two (m) are required. Say the wallet has three signers, A, B, and C; then any combination consisting of two distinct signers, AB, BC, or AC, can sign the transaction.

Let's say that signer (user) A's device was hacked and his signature is compromised. Since a transaction requires two signatures, the wallet is still not compromised. It is important, though, that user A notifies the other signers, and that the assets are then safely transferred to a new wallet to restore a fully operating 2 of 3 quorum.

The other use case is the loss of the private key. It's amazing how many crypto assets are irretrievably lost due to the misplacing of private keys. That's about $40B, give or take!² In the 2 of 3 example, it would take the accidental loss of two keys in order to lose access to the funds, reducing the probability of the loss scenario by a half.

How about a 3 of 3 configuration? While that is technically possible it is strongly ill-advised! In essence you have tripled the probability of losing the asset forever. M should always be less than N to prevent such a potential calamity.

In addition to protection against a lost key and greater security, multisig also provides governance, for example if an audit trail is needed to support a business process. Corporate and institutional adoption of cryptos would be much more difficult without multisig.

However, multisig is not the only option. Multi-party computation (MPC) is a more recent cryptographic development which offers a strong, viable alternative to the Shamir's Secret Sharing upon which multisig is based.

MPC has benefits over multisig, as it does not present a single point of failure when compared to multisig. But MPC's lack of auditing capabilities, meaning there is no way of knowing specifically who the signers of a given transaction were, still makes the more mature and stable multisig a better option for securing a wallet at this time.

Conclusion

Multisig is a significant development in the safe and secure management of a digital asset wallet. There are other wallet types, which I have outlined in my previous article, Custody is NOT Sexy, such as hot and cold, hardware security module (HSM), online, and software-based, each with its pros and cons to balance convenience, security and risk. But the use of multisig, or even its counterpart MPC, is universally accepted as a best practice.

Earlier I mentioned that in setting up a multisig wallet, it's imperative that M is always less than N, or else you raise the probability of completely losing its contents by a factor of M. You definitely don't want to do that.

Also, the minimal useful multisig configuration is 2 of 3. Why is that? Well, 1 of 2 would not provide any additional security, since it only takes a single signature to sign a transaction, just like a simple wallet. Furthermore, it is even less secure, as there are now two sources from which to gain signing authority instead of one. 2 of 2 would also not be recommended, as it would violate the first principle: M must be less than N, or else you risk losing access altogether.
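The comparison of 2 of 3 and 3 of 3 made earlier, and of 1 of 2 and 2 of 2 above, can be put into numbers. The following is an added example, not part of the original article: it assumes every key is lost or stolen independently with the same per-key probability, and the probabilities and function names are constructed for illustration.

```python
from itertools import combinations
from math import comb

def quorums(signers, m):
    """Every distinct set of m signers that can authorise a withdrawal."""
    return ["".join(c) for c in combinations(signers, m)]

def at_least(k, n, p):
    """P(at least k of n independent events happen), each with probability p."""
    return sum(comb(n, i) * p**i * (1 - p) ** (n - i) for i in range(k, n + 1))

def lockout_probability(m, n, p_loss):
    """Funds are unreachable once fewer than m keys remain,
    i.e. once at least n - m + 1 of the n keys are lost."""
    return at_least(n - m + 1, n, p_loss)

def takeover_probability(m, n, p_theft):
    """A thief can sign without the owner once at least m keys are stolen."""
    return at_least(m, n, p_theft)

def improves_on_single_key(m, n, p_loss, p_theft):
    """True only if the m-of-n wallet lowers BOTH risks versus one key."""
    return (lockout_probability(m, n, p_loss) < p_loss
            and takeover_probability(m, n, p_theft) < p_theft)

# Constructed, illustrative per-key probabilities (assumptions, not measured data).
P_LOSS, P_THEFT = 0.05, 0.02
CONFIGS = [(1, 1), (1, 2), (2, 2), (2, 3), (3, 3)]

if __name__ == "__main__":
    print("2 of 3 quorums:", quorums("ABC", 2))
    for m, n in CONFIGS:
        print(f"{m} of {n}: "
              f"lockout={lockout_probability(m, n, P_LOSS):.6f} "
              f"takeover={takeover_probability(m, n, P_THEFT):.6f} "
              f"better_than_single_key="
              f"{improves_on_single_key(m, n, P_LOSS, P_THEFT)}")
```

With these constructed inputs, only 2 of 3 lowers both figures relative to a single key: 1 of 2 raises the takeover risk, while 2 of 2 and 3 of 3 raise the lockout risk.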

Finally, even if there is no need to share access with another person, I still highly recommend that a single user implement at least a 2 of 3 multisig wallet, as it will help prevent loss from hacking or from losing access to the private key. The important thing to note is that all three keys must be stored separately, so that no single loss or hack would be catastrophic.

Everyone please be safe and take care.

References

¹ 10 Most Secured Safes and Vaults in the US

² 20% of All BTC is Lost, Unrecoverable, Study Shows


Crypto Best Practice — Always Use a Multisig Wallet was originally published in The Capital on Medium, where people are continuing the conversation by highlighting and responding to this story.
