What is a Multisig Wallet?
A brief on multi-signature wallets for Bitcoin, Ethereum and other blockchains.
The recent $625M Axie Infinity hack, the largest till date, has several lessons for everyone in the crypto industry, with the most obvious being stronger operational security controls. Without getting into details, Sky Mavis (Axie's parent company) had only 9 validators for their Ronin side chain, and 5 got compromised, meeting the 5-of-9 threshold set for transaction approvals, and allowing the hackers to exfiltrate funds (ETH and USDC) on behalf of the rest. While the mechanics of the hack are not of interest today, I want to talk about the 5-of-9 (generically, m-of-n) signing approach used - a multi-signature scheme.
A multi-signature wallet (multisig for short) is one where, instead of an account, a group of accounts are required to approve wallet operations. The concept isn't new, and is based on the well-known security principle of split control. The goal is to eliminate a single point of failure, whether it's via a human error, insider breach or external compromise. To defeat such a system, you would require collusion between multiple parties or a system-wide compromise. Either way, it is generally better than relying on the operational security of an individual.
FWIW, other approaches like multi-party computation (MPC) are also gaining popularity, so multisig may not be the only game in town for long. That said, let's look at a few popular multisig wallet options today. I won't cover paid/institutional custody options like BitGo, Casa etc in this post though.
Armory Wallet for Bitcoin
Bitcoin was the first blockchain to benefit from multisig wallets. Electrum was one of the first wallets to support multisig and is probably the most lightweight of all, but several other options are now available, Armory being one of them. Armory is a full node, open-source Bitcoin wallet with both cold storage and multisig support. It uses a deterministic wallet; all addresses are derived from the same root. Armory is designed conservatively, with a primary focus on security, evident from the choice of cryptographic schemes adopted. If you own large amounts of Bitcoin, you'll want to consider semi-custodial solutions, else Armory should work just fine.
Gnosis Safe for Ethereum
Gnosis Safe is the most popular multisig wallet for Ethereum, period. The core smart contracts are open-source and formally verified, which is generally a very high bar for security. You can create and access a safe directly from your browser, but Gnosis is also available as a desktop (Windows, MacOS, Linux) and mobile application (iOS, Android). It supports Ethereum (Mainnet, Rinkeby), xDai, Arbitrum, EWC, Volta, Polygon and BSC blockchains, and works with a wide range of wallets, including MetaMask, Ledger, Trezor and others. It supports non-fungible tokens (NFTs) and seamlessly integrates into popular decentralised finance (DeFi) protocols to trade and manage digital assets.
Cashmere Wallet for Solana
Cashmere is a platform to create and manage multisig wallets for digital assets on the Solana blockchain. Cashmere is relatively new, without a lot of documentation, community or a roadmap, and it's unclear whether the smart contracts have been audited, so do exercise caution. They were part or Y Combinator's most recent cohort (YC W22) though, lending some credibility to the team. See this post for a brief guide on setting up a Cashmere multisig wallet.
Multisig Safe for Harmony One
Harmony Multisig Wallet is a platform to create and manage multisig wallets/safes for digital assets on the Harmony One blockchain. It allows you to connect existing MetaMask and 1Wallet wallets, and is based on Gnosis Safe smart contracts. See this post for a brief guide on setting up a Harmony multisig wallet.
Argent Vault for Ethereum
In 2021, Ethereum founder Vitalik highlighted some failings of multisig wallets, from technical complexity to usability gaps for widespread adoption. He offered an alternative - a social recovery wallet. Under normal circumstances, the wallet functions like a multisig wallet. If a user ("guardian") loses a key, they reach out to the other users (ideally, folks in your social circle) and ask them to sign a special transaction to replace the lost key with a new one. Vitalik's post goes into more details, especially touching upon the subject of trust in such a recovery scheme.
The most popular social recovery wallet available today is Argent. It is open source, well audited and does away with the seed phrase, a frequent source of wallet compromise. It supports two-factor authentication using phone and email, and enforces a 36 hour delay for a guardian change to come into effect, giving you a critical window to lock your wallet in case of a compromise.