While multisigs are well suited for teams or organizations, they also serve as a great alternative to hardware wallets (e.g. Keystone, Ledger) for individuals. Certainly more advanced, they offer enhanced security features thanks to their multi-signature functionality, making them an optimal choice for safeguarding important amounts of crypto assets.

For individuals looking to hold their assets on Solana, a multisig like Squads is likely your ideal solution. In this guide, we’ll go over the concept of multisig, explore the various setups adapted for individuals, and cover the solution that Squads offers to store Solana (SPL) assets such as tokens and NFTs.

Multisig: A Secure Way to Store your Assets

Multisigs are gradually gaining traction as viable alternatives to traditional hot and cold wallet solutions due to their advanced features for securing assets. Multisig, short for "multi-signature", implies that every transaction requires multiple signatures for execution. This contrasts with traditional self-custody solutions where assets become vulnerable the moment the seed phrase is known.

Conversely, a multisig doesn't have a seed phrase/private key. It is instead governed by multiple private keys, typically referred to as owners. During its creation, owners and a signature threshold are set. This threshold dictates how many owners need to sign a transaction for it to be executed.

If open-source and immutable (non-upgradeable), multisigs are a superior alternative to hardware wallets for securing crypto assets. Relying on a hardware wallet means entrusting the entire security of your crypto net worth to a single entity/brand. If it gets compromised, or suffers an attack with a malicious upgrade, it can result in irreversible loss. In contrast, immutable and open-source multisig solutions ensure two things:

1. The upgrade authority of the multisig program has been burned, guaranteeing that it cannot be modified by anyone to move or access your funds;

2. You can understand how the multisig program works and verify it operates as intended.

While sometimes complex, multisigs thus minimize the security risks associated with traditional hot and cold wallet solutions.

What Setup For Your Multisig

We’ve seen that during the creation of a multisig, several owners (private keys) are added, and a threshold is set. But what's an ideal setup for individuals? The truth is, there isn't a definitive answer as it heavily depends on your personal needs. However, there are two setups that are usually recommended and well suited for individuals.

For a balance of security and convenience, a 2-of-3 multisig could be your best choice. In this setup, you'll only need two wallets to sign a transaction every time you move your funds. On the other hand, for those seeking ultimate security, a 3-of-5 setup would be more suitable.

Keep in mind, the more keys required to transact, the harder it will be to move your funds. If your primary aim is asset protection and not frequent trading, a 3-of-5 setup is perfect. Conversely, if you plan to transact daily/weekly, a 2-of-3 setup is more convenient.

When it comes to setting up a 2-of-3 multisig, there are several possibilities. First, you could add all the private keys with hardware wallets from several brands such as Keystone, Ledger, or OneKey. Beyond having three keys, it’s also important to use different brands in case one encounters an issue. This setup, composed only of cold wallets, means that every time you need to sign a transaction, it will require two of the keys. While this might seem fine at first, it actually reduces the flexibility of a 2-of-3 setup.

Hence, it’s more optimal to include a hot wallet in your multisig (like Phantom or Backpack) to simplify its management while still securely storing the assets held within your multisig. In this case, you keep two keys (from one cold and one hot wallet) for your daily or weekly operations, while the additional cold wallet is in a secure place in case one of the keys is compromised and needs to be removed. Using two hot wallets also works if they are stored on two separate devices. For example, you could use the Backpack extension on desktop and the Phantom app on mobile, while the hardware wallet (e.g. Ledger) is stored in a bank safe.

For securing assets that you don't intend to use frequently, the 3-of-5 setup is another option you can consider. Once again, if all the keys are tied to hardware wallets, the process becomes exceedingly complex. Hence, you could store two keys as cold wallets in different locations, for example, in a bank safe and with a trusted friend. The remaining three could then be a combination of two cold and one hot wallet, where the hot one resides in your computer (e.g. Backpack extension) and the two cold ones are hardware wallets from different vendors. This setup makes it considerably harder for a malicious actor to access your funds, as he would have to get access at least three of your keys to execute any transaction.

It's important to note that keys aren't needed to deposit assets to your multisig, they're only required to move them. This means that you can send crypto from another address, say every month, and only use the keys when you need to move your funds.

Squads: Your Solana Multisig Solution

Squads has developed a platform for creating multisig and managing on-chain assets on Solana. The Squads multisig program is open-source and immutable (non-upgradeable), which means that no one besides you can access or move your funds. Additionally, Squads has been multiple times audited by OtterSec and Neodyme.

With Squads, you can securely store and manage your Solana (SPL) tokens. Swap assets with Jupiter, add your favorite contacts/addresses to your Squad, access staking solutions such as Jito, or explore DeFi yield opportunities within our app section. It's also perfectly adapted for NFT management, as it allows batch sending, listings on Tensor, or rentals with Cardinal all without leaving the multisig.

In summary, a multisig offers a viable and more secure alternative to traditional self-custody solutions for individual users. While more advanced, this is outweighed by enhanced security measures for managing significant amounts of funds on-chain. Since multisigs operate through a set number of private keys, requiring multiple signatures for transaction execution, they significantly reduce the risk of asset compromise that comes with the loss or theft of a single private key.

Switching to a multisigs may involve a learning curve, but the benefits it provides in terms of asset security make the transition worth considering for many individuals. Whether you opt for a 2-of-3 or a 3-of-5 setup largely depends on your personal needs and how frequently you plan to transact with your assets. If you're looking for the most robust solution to secure your funds, wait no longer and spin up your multisig today.

Get Started:

Squads platform: https://v3.squads.so/
Read the documentation: https://docs.squads.so/squads-v3-docs/
Review the code: https://github.com/Squads-Protocol/squads-mpl
Join the community: https://discord.com/invite/tYpY9UfRFx