Self-custody is a fundamental aspect enabled by blockchain technology, allowing anyone to truly own their assets. Although traditional self-custody solutions offer numerous benefits, they often lack the advanced security features required by teams or high net worth individuals. In this regard, multisigs often serve as a well-suited solution for improved protection of on-chain assets.
For those looking to learn about what a multisig wallet is and how it works, this article aims to provide a simple explanation, highlighting its use cases for various profiles, as well as introducing the leading solution available for use on Solana - Squads.
Multisig (Multi-signature) Wallet Explained
Multisig, short for multi-signature, is a mechanism used to secure the execution of transactions on a blockchain by requiring multiple signatures for a transaction to be performed.
Multisig solutions are often referred to as multisig "wallets" since most of them provide an interface to create and manage a multisig. A common analogy for a multisig is a bank safe. One can open a safe in a bank to store valuable items and designate signatories who can jointly access and manage the stored items. Similarly, owners (signatories) can be assigned to a multisig and granted authorization to access the on-chain assets held within. Each owner represents a private key, which is what traditional wallets like Phantom or Solflare allow you to create.
On Solana, a multisig uses a PDA (Program Derived Address) to function. A PDA is a unique address without a private key nor seed phrase. It is generated by a Solana program, and can be given authority over an account. This allows the multisig to manage anything a regular private key can manage. During the creation of the multisig, two parameters are specified:
Owners - the set of private keys that sign transactions for the multisig;
Threshold - the number of signers required to execute a transaction.
For a long time, multisigs were only used to secure treasury assets collectively. While they are effectively great for this purpose, multisigs can, in fact, be used for any on-chain assets. This includes treasury, but also programs, NFT collections, tokens, validators.
Why Use Multisig - Best Use Cases
Whether for DeFi protocols, NFT collections, or even institutions, traditional self-custody solutions are not suited for the needs of teams and organizations:
CEXs are unreliable, since everything happens off-chain;
hot wallets pose risks, as they can easily be compromised;
cold wallets lack collective management.
Conversely, a multisig removes any single point of failure, which means it's impossible for one individual or one cold wallet to perform unauthorized actions. Every action (e.g., transfer of funds, program upgrade deployment) performed within the multisig has to be approved by all the owners. Securing all on-chain assets with multi-signature functionality enables better management with core team members, traceability of all transactions, and reduced risk of lost or compromised keys. All these factors can also strengthen user trust in a protocol.
For Protocols
The fuel of a protocol is its treasury, and transparency on its status and actions is crucial to allow for the smooth operation of the project. A multisig is an excellent solution for collective management of a treasury with a team, as it ensures that only designated core members have access to it. Additionally, every transaction moving funds has to be approved by the owners and can be monitored to avoid malicious transfers. Held within a multisig, the treasury is always visible on-chain.
Programs are also among the most valuable assets of a protocol, as their management affects user funds and trust. Like the treasury, it's essential to ensure that all core team members agree before any changes are made. Entrusting all program control to a single individual/key is highly risky and can easily lead to unwanted situations. Moreover, compromised programs can severely damage a protocol's reputation, and trust is hard to earn in the crypto space - this could lead to users migrating to competitors.
For NFT Collections
Whether it's the SOL collected from a mint or royalties, NFT projects can greatly benefit from using a multisig with their team to manage their revenue, funds, or high-value NFTs held as treasury assets. It can offer several benefits including better management of the revenue generated by the project to pay employees and contractors or to invest in the growth of the collection.
In contrast to protocols where programs are the most valuable assets, NFT teams' most valuable assets is the authority key of their NFT collection, since it can modify the metadata (e.g. supply, name, images). Transferring the collection authority key to a multisig enables collective management instead of relying on a cold/hot wallet, which is more susceptible to unauthorized actions.
For Emerging Projects (e.g. Grizzlython)
Emerging projects have an advantage: they are building their foundations and can easily start managing their business securely from the start. The first thing to do is securing the grant/strategic round raised to ensure that they can safely develop their project. After that, delegating their program upgrade authorities to a multisig to prevent unauthorized changes once the project is live - which can also help in earning the trust of early adopters to use the project.
If the project later decides to create a token, it’s also worth exploring the use of a multisig to manage the mint/burn of the token supply. Just like treasury or programs, token management should be collective and secure to avoid any unwanted situation for the token’s holders.
For Validators
Validators should also consider using a multisig to manage their authorized withdrawer keypair. Stakers place their trust in validators to manage their SOL responsibly, and any unauthorized access to the authority for managing rewards or the commission could severely damage the validator's reputation. If a malicious actor changes the commission rate or withdraws rewards without consent, it could ruin confidence in the validator and potentially kill its business. Employing a multisig for the withdraw authority adds a layer of security and helps protect the interests of both the validator and its stakers.
For validator teams or organizations, using a multisig for the withdraw authority also allows for shared management. This can help distribute decision-making power and ensure that actions like withdrawing rewards or updating the validator identity are agreed upon by all the parties.
For Individuals or VCs
Lastly, although multisigs are frequently used by teams, they can also be beneficial for individuals, such as high net worth investors, or VCs who require a more advanced self-custody solution than cold wallets. The setup for individuals is somehow different, as all multisig owners are the same person. A practical setup without many UX compromises is a multisig with three keys - two Ledgers and one hot wallet (e.g., Phantom) - with a 2/3 threshold. This configuration allows for using one Ledger and the hot wallet for daily operations, while keeping the second Ledger in a secure location in case one key is lost or compromised. The third key could also belong to a trusted friend or family member.
While achieving immutability should be the ultimate goal for most protocols, multisigs serve as an excellent interim solution. Multisigs can accommodate a variety of profiles and are often better suited than hot or cold wallet solutions for managing valuable on-chain assets with complex management requirements. On Solana, Squads leads the way with a multisig solution tailored for teams.
Squads: A Solana Multisig Platform for Teams
Squads is a platform with multisig functionality at its core for managing treasury, programs, validators, and any type of asset on Solana. Easily transfer your authority keys to Squads, deploy new program upgrades via multisig, or simply deposit any SPL tokens such as USDC or SOL to collectively manage funds with your team.
Launched 2 years ago, Squads is open-source, formally verified, and immutable. Used by the biggest teams on Solana, the platform has been built to meet every project’s needs.
Multisigs have evolved into more advanced solutions, making blockchain and decentralized finance a more secure place for building projects and managing funds. They can fit a variety of profiles and be used for many purposes. While it may not be the norm yet, at Squads we strongly believe that teams not using multisig for managing their on-chain assets will soon be a relic of the past, as multisigs offer superior security and flexibility compared to centralized exchanges or hot/cold wallets.
Get Started:
Squads platform: https://v3.squads.so/
Read the documentation: https://docs.squads.so/squads-v3-docs/
Review the code: https://github.com/Squads-Protocol/squads-mpl
Join the community: https://discord.com/invite/tYpY9UfRFx