So you want to understand the point of multiple signatures (“multisig”) on a Stellar wallet?
Well, you’re in luck, its applicability and purpose are easier to understand than you might initially think. This is because a multiple signature requirement on a Stellar wallet can be compared to other real-world examples that you’re likely familiar. But, before we jump into those other examples, let’s first start by breaking down what a Stellar “signature” is.
A Stellar signature can be thought of as a unique key that is used to give you access to your wallet, authenticate a decision, or even prove your identity – not unlike a wax seal on a piece of parchment in the Middle Ages, handwritten signatures for checks, fingerprints for smartphones, or even the iris of your eye in the most technologically advanced cases.
However, unlike these other forms of physical signature, a Stellar signature is digital and uses cryptography to pair a secret signature with a public wallet address. A Stellar signature comes in the form of a 56-character string of letters and numbers that always starts with an “S”. Important: Would you share your eyeball with someone else? Of course not! Just like your eyeballs are needed to see, secret Stellar keys are needed to sign, but neither should ever be shared with anyone.
So, why would someone want to add multiple signatures to a Stellar wallet?
Well, for the most part, people add a multiple signature requirement to their Stellar wallet for added security. It’s really no different than the “two-person rule” used to ensure two authorized people are required to turn keys (effectively signatures) before initiating some sort of critically important event – like launching a nuclear missile or turning off a Russian machine designed to open a gateway to a parallel world.
And no, not all real-world examples of multiple signature requirements are as dramatic as Winona Ryder in the last episode of season 3 Stranger Things. In fact, some can be found in some of the most boring places on the planet – brick and mortar banks.
Do you know what bankers added to make safety deposit boxes more secure?
You guessed it; bankers added a requirement that two keys be required to open a single safety deposit box. In actuality, gaining access to someone’s safety deposit box might require even more than four keys – one to enter the building, one to gain access to the room with the safety deposit boxes, and two to open a particular box!
These non-Stellar examples of requiring two keys to authorize or gain access to something physical are really no different than adding a multiple signature requirement on a digital Stellar wallet. For example, multiple signature on a Stellar wallet in its most simple form would authorize two secret keys and require both signatures before any transaction is authorized. A more advanced multiple signature setup could authorize up to 20 different signatures and require only a subset of those signatures before any transaction is authorized. Click here for more examples and other technical information.
Twenty authorized signatures! Sounds good for institutions, but is it really necessary for individuals?
Individuals don’t need a complex 20 signature setup, but requiring one or two additional signatures, absolutely! Put simply, if your Stellar wallet holds more value than you normally keep in your physical wallet, you should consider adding a multiple signature requirement. This is especially true if you do not use a hardware wallet (e.g., Ledger and Trezor) that has the capability of signing transactions without ever revealing your secret key. But, even with a hardware wallet, adding a multiple signature requirement to any wallet with significant balances may be worth considering on the off chance someone discovers your 24-word recovery phrase.
Want to know why adding a multiple signature requirement is especially important for non-hardware wallets?
Well, it’s because secret Stellar keys are just like eyeballs – if you want to see the beautiful world around you, you have to open your eyes at the risk of damage, or even the inadvertent iris scan. Similarly, if you want to use your Stellar wallet, you have to sign transactions with your secret key at the risk of inadvertently revealing your secret key to someone else. Granted, this is a rather silly analogy and some methods of storing and using your secret Stellar key are safer than others, but the point stands and the risk real.
So how do you add the safety of multiple signature to your Stellar wallet?
Good question! There are several ways to do it, some easier than others. Some people choose to add it themselves through the Stellar Laboratory, but this requires some technical know-how. Others skip the technical know-how and choose to use services like Lobstr Vault or StellarGuard.
And with that, I hope you now better understand the multiple signature feature built into Stellar and consider using it for that next level of security it provides you and your Stellar wallet!