Secure storage is one of the biggest challenges facing individuals who want to hold and transact in bitcoin, as lost or stolen private keys can result in permanent loss of funds. Many wallet options that use single-key bitcoin addresses present a fundamental disconnect between usability and control. You can choose to keep your private keys yourself in what is known as a client-side wallet, or you can hand them over to another party which stores them for you in a web wallet. If you choose a client-side wallet, you have the burden of managing keys yourself, which is not an appealing option for most. When you opt for a web wallet, you’re trusting that they are taking appropriate key management and security measures on your behalf.
Since 2012, the Bitcoin protocol has included an alternative to single-key addresses, known as pay-to-script-hash (P2SH) addresses. These were introduced to the Bitcoin protocol as part of Bitcoin Improvement Proposal 16 (also known as BIP 16), and alleviate much of the tension between security and usability. Among the functionality supported by P2SH addresses is the ability to require multiple private keys in order to transact, known as multi-signature, or more commonly, multi-sig. A P2SH address, which begins with a “3” instead of a “1”, can support multiple keys (N), any subset (M) of which is required to transact — this is commonly referred to as “MofN.” A simple analogy for explaining multi-sig is a safe deposit box with 3 keys, one held by the customer, one held by the bank, and the third held by a lawyer or trusted third party. In order to open the box, 2 out of the 3 total keys are required, making the safe deposit box analogous to a 2-of-3 multi-sig address.
This 2-of-3 key model lies at the core of BitGo’s multi-signature wallet. In BitGo’s case, one of these keys is generated and stored securely on our servers. The second key is generated client-side in the browser at the time of wallet creation. The third and final backup key can be generated on a separate machine and then held by the user in a safe location, or given to a trusted custodian for safekeeping. Because BitGo never has a controlling (2) number of keys, you always retain full control over your coins.
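The M-of-N rule described above lives in the script that a P2SH address hashes, so a key holder can check it before funding the address. The following is an added example, not BitGo's code: it assumes the standard multisig script layout (OP_M, the public keys, OP_N, OP_CHECKMULTISIG), and the function names and placeholder keys are hypothetical.

```python
# Added example: build and verify an M-of-N multisig script (the script a P2SH address hashes).
OP_1, OP_16, OP_CHECKMULTISIG = 0x51, 0x60, 0xAE  # small-integer opcodes encode 1..16

def build_multisig_script(m, pubkeys):
    """OP_m <pubkey>... OP_n OP_CHECKMULTISIG, each key pushed with a 1-byte length."""
    n = len(pubkeys)
    if not 1 <= m <= n <= 16:
        raise ValueError("need 1 <= M <= N <= 16")
    body = b"".join(bytes([len(k)]) + k for k in pubkeys)
    return bytes([OP_1 + m - 1]) + body + bytes([OP_1 + n - 1, OP_CHECKMULTISIG])

def parse_multisig_script(script):
    """Return (m, [pubkeys]); raise ValueError if the script is not plain M-of-N."""
    if len(script) < 3 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("does not end in OP_CHECKMULTISIG")
    if not (OP_1 <= script[0] <= OP_16 and OP_1 <= script[-2] <= OP_16):
        raise ValueError("M or N is not a small-integer opcode")
    m, n = script[0] - OP_1 + 1, script[-2] - OP_1 + 1
    keys, i, end = [], 1, len(script) - 2
    while i < end:
        size = script[i]
        if size not in (33, 65) or i + 1 + size > end:
            raise ValueError("unexpected push at offset %d" % i)
        key = script[i + 1:i + 1 + size]
        # Compressed keys start with 0x02/0x03, uncompressed keys with 0x04.
        if (size == 33 and key[0] not in (2, 3)) or (size == 65 and key[0] != 4):
            raise ValueError("push at offset %d is not a public key" % i)
        keys.append(key)
        i += 1 + size
    if len(keys) != n or m > n:
        raise ValueError("key count or threshold does not match N")
    return m, keys

def check_wallet_script(script, expected_m, my_keys):
    """True only if the threshold matches, no key repeats, and our keys are present."""
    m, keys = parse_multisig_script(script)
    return m == expected_m and len(set(keys)) == len(keys) and all(k in keys for k in my_keys)

# Constructed placeholder keys (not valid curve points) standing for the
# service key, the user key and the backup key.
SERVICE, USER, BACKUP = (bytes([2]) + bytes([t]) * 32 for t in (0x11, 0x22, 0x33))
SCRIPT = build_multisig_script(2, [SERVICE, USER, BACKUP])

if __name__ == "__main__":
    print(check_wallet_script(SCRIPT, 2, [USER, BACKUP]))
```

A holder of the user and backup keys would run the check against the script behind the address and refuse to fund it if the threshold is not 2 or either key is missing.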
Security Beyond Multi-Sig
It’s significantly harder for someone to steal two private keys than one, which adds an additional safety net against physical and digital theft. Using multi-sig also offers protection from human error. If you accidentally go into spring cleaning overdrive and toss out the hard drive with your private keys on it (it has happened!), you can still access your bitcoin using the backup key. If you’re using a BitGo wallet and forget your password, as long as you retain control of the encrypted PDF keycard that is generated when you create the wallet, you’ll be able to recover your funds.
Unlike vaults or other legacy options, multi-sig addresses and wallets actually use core bitcoin technology to secure the coins. As useful as multi-sig is, security best practices do not stop there. Other options, like multi-user controls, spending limits, and address whitelists, are additional layers of security that are readily available to BitGo wallet users.
Multi-sig wallets can also be used in institutional or corporate settings, where more than one person is needed to sign off on something beforehand. In BitGo wallets, different levels of permissions can be afforded to different users, such that an auditor has the ability to view transactions but not transact, and an operations manager has the ability to transact, but only up to a certain limit. For instance, the CEO, COO and CFO might be added as admins on a corporate holdings wallet. Two out of three digital signatures could be required to successfully sign off on company purchases above a certain threshold. An auditor could instead be granted view-only permission. In the case of a couple, a husband and wife might both be admins on a wallet and give their lawyer custody of the backup key, such that if anything were to happen to either of them, their spouse would be able to retain control of the funds.
Spending Limits
To prevent unauthorized emptying of a wallet by a malicious third party, it’s possible to require multiple approvals in order to transact above the spending limit threshold. In a BitGo wallet, these limits can be set on both a daily and a per-transaction basis.
Address whitelists allow wallets to be scoped to spend only to a number of pre-approved, known, safe addresses. Spending to any address that is not included in the whitelist would require an additional approval. Again, this security feature helps safeguard against theft. For example, a holdings wallet which is rarely used to transact might have a whitelist limited to a hot wallet also owned by the same user and protected by spending limits and multiuser controls. If the cold wallet were compromised, the hacker would only be able to spend to the user’s other wallet, where he or she would then encounter additional obstacles.
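How the spending limits and whitelist described above combine can be seen in a small policy check. This is an added example, not BitGo's API: the class, field names, amounts and address labels are hypothetical, and it assumes approved spends count toward the daily total.

```python
from dataclasses import dataclass, field

@dataclass
class WalletPolicy:
    per_tx_limit: int                     # satoshis; hypothetical field names
    daily_limit: int
    whitelist: frozenset = frozenset()    # empty set: no whitelist enforced
    spent_by_day: dict = field(default_factory=dict)

    def evaluate(self, day, dest, amount):
        """Return the rules that force an additional approval (empty list = allowed)."""
        if amount <= 0:
            raise ValueError("amount must be positive")
        reasons = []
        if amount > self.per_tx_limit:
            reasons.append("per_tx_limit")
        # The daily rule catches many small spends that each pass the per-tx rule.
        if self.spent_by_day.get(day, 0) + amount > self.daily_limit:
            reasons.append("daily_limit")
        if self.whitelist and dest not in self.whitelist:
            reasons.append("not_whitelisted")
        return reasons

    def spend(self, day, dest, amount, approvals=0):
        """Record the spend if no rule fires or if another party approved it."""
        reasons = self.evaluate(day, dest, amount)
        if reasons and approvals < 1:
            return "pending_approval", reasons
        self.spent_by_day[day] = self.spent_by_day.get(day, 0) + amount
        return "sent", reasons

def run_scenario():
    """Constructed scenario: a compromised cold wallet, then the hot wallet behind it."""
    cold = WalletPolicy(10**9, 10**9, whitelist=frozenset({"hot-wallet-address"}))
    hot = WalletPolicy(per_tx_limit=5_000_000, daily_limit=12_000_000)
    out = [cold.spend("day1", "unknown-address", 1_000),
           cold.spend("day1", "hot-wallet-address", 1_000)]
    # Three spends at the per-transaction ceiling: the third crosses the daily limit.
    out += [hot.spend("day1", "unknown-address", 5_000_000) for _ in range(3)]
    return out

if __name__ == "__main__":
    for result in run_scenario():
        print(result)
```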
BitGo’s mission is to ensure that bitcoins are never stolen, and the security features above, from multi-sig addresses to address whitelisting, are a central part of that effort. As we’ve seen, multisig addresses allow for heightened security and the ability for parties to safely transact in a trustless virtual environment — and that’s precisely one of the core tenets of bitcoin’s value proposition.