Multisig (multi-signature) is a security scheme in which multiple cryptographic keys must co-sign a transaction before it is valid. Instead of one key controlling a wallet, a multisig wallet requires a threshold — for example, 2 out of 3 keys, or 3 out of 5. This eliminates the catastrophic single point of failure of conventional crypto wallets: even if one key is compromised or lost, funds remain secure. Multisig is standard practice for institutional crypto custody, DAO treasuries, and security-conscious individuals.
M-of-N Explained
Format: M-of-N means M signatures required from a total of N authorized keys
| Configuration | Use Case |
|---|---|
| 1-of-1 | Standard single-key wallet (not multisig) |
| 2-of-2 | Two parties must both approve (both keys required) |
| 2-of-3 | Personal backup: self + hardware wallet + trusted guardian |
| 3-of-5 | Corporate treasury: any 3 of 5 executives must approve |
| 5-of-9 | Protocol multisig: majority of governance committee |
The most common configuration is 2-of-3: you control two keys (phone + hardware wallet), the third is a backup with a trusted party. You need 2 to transact, so losing one key doesn’t lose funds.
Bitcoin Multisig (P2SH/P2WSH)
Bitcoin has supported multisig natively since 2012 via Pay-to-Script-Hash (P2SH) and later P2WSH (SegWit). The spending script encodes M and N, and the transaction requires M valid signatures corresponding to N listed public keys. Bitcoin multisig is used by hardware wallet manufacturers (Coldcard, Trezor) and custodians (BitGo, Casa).
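The script layout described above, as an added example (not code from any wallet or custodian named on this page): it builds a 2-of-3 multisig script, wraps it as a P2WSH output, and parses M and N back out for policy auditing. The function names and the sample keys are assumptions made for illustration, and the keys are constructed placeholders, not real keys.

```python
from __future__ import annotations
import hashlib

OP_0, OP_CHECKMULTISIG = 0x00, 0xAE

def small_int(n: int) -> int:
    """Opcode for OP_1..OP_16 (0x51..0x60)."""
    if not 1 <= n <= 16:
        raise ValueError("this encoding only covers 1..16")
    return 0x50 + n

def multisig_script(m: int, pubkeys: list[bytes]) -> bytes:
    """Build: OP_M <pubkey_1> ... <pubkey_N> OP_N OP_CHECKMULTISIG."""
    if not 1 <= m <= len(pubkeys):
        raise ValueError("threshold M must satisfy 1 <= M <= N")
    out = bytearray([small_int(m)])
    for pk in pubkeys:
        if len(pk) != 33 or pk[0] not in (2, 3):
            raise ValueError("expected a 33-byte compressed public key")
        out += bytes([33]) + pk          # push opcode 0x21, then the key
    out += bytes([small_int(len(pubkeys)), OP_CHECKMULTISIG])
    return bytes(out)

def p2wsh_script_pubkey(witness_script: bytes) -> bytes:
    """Output script: OP_0 <32-byte SHA-256 of the witness script>."""
    return bytes([OP_0, 32]) + hashlib.sha256(witness_script).digest()

def parse_threshold(script: bytes) -> tuple[int, int]:
    """Recover (M, N) from a plain multisig script, e.g. to audit a policy."""
    i, count = 1, 0
    while i < len(script) and script[i] == 33:
        i, count = i + 34, count + 1
    if len(script) != i + 2 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("not a plain M-of-N multisig script")
    m, n = script[0] - 0x50, script[i] - 0x50
    if n != count or not 1 <= m <= n:
        raise ValueError("inconsistent M/N encoding")
    return m, n

# Constructed placeholder keys (right shape, not real keys; never fund this).
SAMPLE_KEYS = [bytes([2]) + bytes([i]) * 32 for i in (1, 2, 3)]

if __name__ == "__main__":
    script = multisig_script(2, SAMPLE_KEYS)
    print(parse_threshold(script), p2wsh_script_pubkey(script).hex())
```

Because the output commits only to the hash of the script, every co-signer needs a copy of the full script (or the public keys and their order) to spend, so back it up alongside the keys.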
Ethereum Multisig (Smart Contract Wallets)
On Ethereum, multisig is implemented as a smart contract. The contract manages:
- A list of authorized signer addresses
- The signing threshold (M of N)
- A queue of pending transactions
- Execution logic once threshold is met
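An added off-chain model of the four pieces of contract state listed above, showing the checks a reviewer should expect: only listed signers can act, a repeated approval counts once, and an executed transaction cannot be replayed. This is not Safe's code or any deployed contract; the class, its method names and the signer labels are assumptions made for illustration.

```python
class MultisigWallet:
    """Signer list, threshold, pending queue and execution logic (hypothetical model)."""

    def __init__(self, signers, threshold):
        signers = frozenset(signers)
        if not 1 <= threshold <= len(signers):
            raise ValueError("threshold must satisfy 1 <= M <= N")
        self.signers = signers
        self.threshold = threshold
        self.pending = {}     # tx_id -> {"to", "value", "approvals"}
        self.executed = []    # log of (tx_id, to, value)
        self._next_id = 0

    def _require_signer(self, who):
        if who not in self.signers:
            raise PermissionError(f"{who} is not an authorized signer")

    def submit(self, who, to, value):
        """Queue a transaction; the submitter's approval is recorded with it."""
        self._require_signer(who)
        tx_id = self._next_id
        self._next_id += 1
        self.pending[tx_id] = {"to": to, "value": value, "approvals": {who}}
        return tx_id

    def approve(self, who, tx_id):
        """Record an approval and return the number of distinct approvers."""
        self._require_signer(who)
        tx = self.pending[tx_id]    # KeyError if unknown or already executed
        tx["approvals"].add(who)    # a set, so a repeat approval counts once
        return len(tx["approvals"])

    def execute(self, tx_id):
        """Execute only when at least M distinct signers have approved."""
        tx = self.pending[tx_id]
        if len(tx["approvals"]) < self.threshold:
            raise PermissionError("threshold not met")
        del self.pending[tx_id]     # dequeue first so it cannot run twice
        self.executed.append((tx_id, tx["to"], tx["value"]))
        return True
```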
Gnosis Safe (now rebranded Safe) is the dominant Ethereum multisig, holding over $100 billion in assets at peak TVL. It is used by virtually every major DAO, DeFi protocol, and institutional Ethereum holder.
Gnosis Safe (Safe)
| Feature | Detail |
|---|---|
| Founded | 2017 by Gnosis (Martin Köppelmann, Stefan George) |
| Compatible chains | Ethereum, BNB Chain, Polygon, Arbitrum, Optimism, Avalanche, Base, and more |
| Transaction types | ETH, ERC-20, ERC-721, arbitrary contract calls |
| Modules | Optional add-ons: spending limits, delegate calls, recovery modules |
| Interface | Web UI, mobile app, CLI |
| Notable users | Ethereum Foundation, Uniswap, Aave, 1inch, all major DAOs |
Safe{Wallet} — The consumer-facing product for individuals
Safe{Core} — The SDK for developers embedding multisig into applications
Multisig vs. MPC vs. Account Abstraction
| Technology | How it works | Pros | Cons |
|---|---|---|---|
| Multisig (smart contract) | N on-chain addresses; M must sign | Transparent, auditable, battle-tested | Multiple on-chain keys needed; gas cost per signer |
| MPC (Multi-Party Computation) | Single on-chain key split mathematically among parties | Looks like standard wallet; lower gas | Complex off-chain coordination; requires MPC provider |
| Account Abstraction (ERC-4337) | Smart account validates any M-of-N logic | Flexible; enables gasless, passkeys | Newer; less battle-tested |
Institutional custody increasingly uses MPC (Fireblocks, Copper) for efficiency while maintaining multisig-level security.
Common Uses
For Individuals
- Casa and Unchained Capital offer 2-of-3 Bitcoin multisig with key storage services
- Self-custody best practice: hardware wallet + hot wallet + paper backup, 2-of-3
For DAOs and Protocols
- Protocol treasury: Uniswap, Compound, Aave all hold funds in Gnosis Safe multisigs controlled by core teams or elected signers
- Timelock + multisig: governance votes queue actions → timelock delay → multisig execution
For Exchanges and Custodians
- Exchanges hold the majority of user funds in cold storage multisigs
- BitGo popularized institutional 2-of-3 Bitcoin multisig custody
Risks and Failure Modes
| Risk | Example |
|---|---|
| Signer collusion | M signers agree to drain treasury without authorization |
| Key loss (below threshold) | Losing 2 of the 3 keys in a 2-of-3 multisig = funds locked forever |
| Smart contract bug | Parity multisig bug (2017) — $300M permanently locked by library self-destruct |
| Social engineering | Individual signers manipulated separately |
| Coordination delay | Time-sensitive transactions fail because signers are unavailable |
The Parity hack remains the most famous multisig failure: a bug in a shared library contract let a user “accidentally” become its owner and then self-destruct it, permanently freezing ~513,000 ETH (~$300M at the time) in dependent multisig wallets.