Security
Last updated
Last updated
Simply, a multisig wallet is a wallet that can hold funds (or crypto tokens), and then only spend those funds when a specific number of “owners” approve of the transaction.
Think of a multisig wallet as a joint bank account with multiple signers. In most cases any signer can write checks on a joint bank account. But some accounts are set up so that all the signatories need to sign each check.
Similarly a multisig wallet can be configured so that any one of the owners can approve a transaction; or it can be configured so that in order for a transaction to go through all the owners need to provide an approval. It can also be configured to require something in-between.
For example, a transaction might require approval from any 2 out of 3 owners.
Currently in the process of sending gifts to someone who does not have a wallet account, the application stores these tokens in an escrow wallet waiting for the user to create a wallet. In this scenario the "bank" where it will be stored has a private key and if for some reason this private key is stolen, lost, all funds in the wallet will be lost. With the multisig technique this won't happen.
When a gift is sent, the tokens are stored in a smart contract that we call a multisig wallet, and for a transfer transaction to occur to a wallet, authentication by more than one user is required.
We are using the 2-to-3 model where we need 3 keys (in our case the one of the person sending the gift, and two private keys that will be stored in a cloud provider, for example the Amazon secret manager.
In the signing process, the values will only be transferred if we have 3 keys and 2 of them are signed. In case of theft or loss of a private key, we will still have 2 other keys connected to the multisig wallet.
