Bitcoin transactions are accomplished with the aid of public key cryptography. Traditionally, if a bitcoin user weâll call Alice wants to send bitcoins to a user weâll call Bob, she uses a private key she controls to sign a message containing, among other things, the number of bitcoins she wants to transfer and a public key associated with Bob. Within about ten minutes this transaction will be verified by the bitcoin network, and it becomes, for all practical purposes, irreversible.
But what happens if Alice thought she was buying a surfboard from Bob, and Bob, after receiving payment, decides to hang onto both the surfboard and Aliceâs money? Since Alice knows only Bobâs public key but not his actual name, thereâs no practical way for her to file a complaint. And, unlike if she had paid with a credit card, thereâs no way for her to reverse the payment.
Multisig approaches have the potential to address this by making transactions contingent on the collective agreement of multiple parties. In the example above, the system could be modified so that Alice and Bob each provide their public keys to an escrow service, which then uses its own key to generate a new bitcoin address to which Alice can send payment for the surfboard. Moving the payment from that address requires the authorization of any two of Alice, Bob, and the escrow service. This protects Bob, because he can ship the surfboard knowing that Alice canât unilaterally take back the money she has placed in escrow. Alice is protected because Bob canât unilaterally extract the money from escrow. Once Alice receives the surfboard, she and Bob can jointly authorize the transfer of the money out of escrow to Bob. Or, if she claims that she hasnât received the surfboard, or that it is defective, the escrow service can arbitrate the dispute.
Multisig can also be used to help combat unlawful payments (by making it possible for a third party to confirm that payees arenât barred from receiving funds) and to make exchanges and wallet services safer. In a âtraditionalâ bitcoin system in which payments can be authorized using only a single key, if that key is somehow obtained by hackers, the legitimate owner is out of luck. But in a multisig system, an exchange or wallet service can collect enough customer information to facilitate transactions, but not enough to enable a hacker to run off with a customerâs bitcoins.
|This article's a stub|
|You can help by expanding it|