How to Create and Use a Multi-Sig Bitcoin Address
Latest posts by Dean (see all)
- Aeternity: Fast, private smart contracts, an oracle machine & truly decentralized mining - March 29, 2017
- MetaGold: Some of the Best Games using Ethereum! - March 27, 2017
- The Scarab Experiment: Creating A Decentralized Artistic Personae - March 16, 2017
Multi-Signature Bitcoin addresses have a range of interesting uses, and are not as complicated or difficult to use as it may seem to a beginner.
The basic principle is very simple: more than one person must sign a transaction for it to be valid. Bitcoin uses an ‘n of m’ model, which just means that you can choose as many signers as you like, and then choose how many signatures in total must be provided for a valid transaction. For example, you can have two people who must both provide their signature (‘2 of 2’) or you can set it up to require any 2 out of 3 possible signatures, any 6 signatures from 10 possible signers, or anything else which suits your needs.
You can use multi-sig addresses to create a kind of joint account, which requires you and your partner to both sign off on any withdrawals, or perhaps requires the majority of a company’s owners or executives to sign for expenditures . You can use them for savings wallets which require multiple signatures to increase security. Perhaps the most common use, however, is multi-sig escrow. Commonly used on eBay-style peer-to-peer marketplaces which accept BTC payments, such as the deep web’s infamous ‘dark markets’, multi-sig escrow provides consumer protection without the need to trust a central escrow provider to hold the coins on your behalf. Instead an address is created which requires ‘2 of 3’ signatures from the buyer, seller, and an escrow agent who provides arbitration in case there is a disagreement. This address holds the payment until a product has been dlivered, and can then be used to either make payment to the seller or refund the buyer.
How To Create A Multi-Sig Bitcoin Address
The Browser Bank provides an easy and secure way to create an use multi-sig Bitcoin addresses. It uses ‘client side generation’, so private keys are generated on your own computer within your browser, and never need to leave your browser, which means that the wallet provider themselves cannot access or lose your coins, view your private key, or track your activities. For the rest of this article I will be using this service as an example to help you learn everything you need to know.
Visit https://thebrowserbank.com/#newMultiSig for a simple tool that anybody can use. Take a look at the screenshot below to see how easy it is:
As you can see, all you need to do is to fill in the public keys for each participant, using the plus and minus buttons on the right to add or remove spaces (make sure you don’t leave any blank fields here, or you’ll get an error), select the number of signatures to require from a drop down menu, and then click submit.
You may have noticed that the ‘public key’ shown in the screenshot above is not the same as your public address. Don’t worry if you can’t find the public key from your usual wallet – I recommend using a single-purpose wallet, especially when buying things from dark market websites (in which case you won’t need to generate a multi-sig address yourself, but you will need to provide a public key), and I will explain how to do that and how to view your private key below.
Once you hit submit you will see something like this:
You should make a note of the public address which coins can be sent to, as well as the ‘redeem script’ which will be used later to redeem those coins. Both of these things should be shared with each of the people involved in the transaction.
How To Verify a Redeem Script
If somebody else has taken care of everything up to this point then they should send you a redeem script before any payments have been made, and you should verify that script to make sure that they have done everything as agreed.
This is very easy. Just go to https://thebrowserbank.com/#verify, paste the redeem script into the box and click submit. The web page will then decode the script within your browser and show you all the relevant information for you to check, including the public address, the public keys for the signatories, and the number of signatures required.
Creating Single Purpose Addresses to Sign Transactions
For enhanced privacy I recommend that you create a new single-use address for signing these transactions, rather than using your regular BTC wallet. You can do this easily from The Browser Bank website – just go to https://thebrowserbank.com/#newAddress and click generate!
How To Send Coins From A Multi-Sig Address
In order to send coins to another address a transaction must first be created, and then sent to each of the participants. These participants must then use their private keys to sign the transaction if they agree that the payment should be made.
Creating a Transaction
In order to create a transaction simply visit the ‘New Transaction’ page on The Browser Bank here: https://thebrowserbank.com/#txinputs. If you copy and paste the redeem script into the space provided and then click the ‘load’ button, you can now create a transaction in the same way that you would send coins from any other wallet, simply by specifying the address you want to send the coins to, how many coins you want to send, and what transaction fee you would like to add in order to get your payment processed quickly by miners.
Please Beware: Unless you want to get into more advanced technical stuff you must spend all of the coins sent to this address at once (or at least all of the coins from a single deposit). If you try to send less than the complete balance then the remainder of the coins will be automatically added to your transaction fee, meaning that you will lose them.
The raw transaction generated in the previous step must now be signed by each participant in turn. If somebody else has created this transaction on your behalf and shared it with you, then you must verify that everything is as it should be before signing it. You can do that in exactly the same way that we verified the redeem script previously, by visiting the ‘Verify’ page on The Browser Bank, pasting the transaction into the box provided, and then clicking submit. This will show you the amount being sent, who it is being sent to, and it will also show how many of the required signatures have already been added:
Once you are happy and ready to sign the transaction all you need to do is to visit the ‘Sign’ tab here: https://thebrowserbank.com/#sign. Paste your private key and the transaction itself into the boxes provided and click submit:
If other signatures are still required you must now pass on your signed transaction to the next person, for them to add their signature. If enough signatures have been added, it is time to broadcast the transaction over the network and make it final! To do this you just need to visit the ‘Broadcast’ page here: https://thebrowserbank.com/#broadcast, paste the fully signed transaction into the box and click ‘submit’ to broadcast. You will then be provided with a transaction identifier (txid) which you can use to track the progress of your transaction using any block explorer!