Multisig is an abbreviation for multisignature – multiple signature or a combination of several key signatures used to confirm and execute transactions. This technology is used in multisignature wallets.
A multi-signature wallet is a blockchain-based crypto wallet that has multiple owners who are authorized to manage it.
What is multisig for? On the one hand, it distributes responsibility among several wallet owners. On the other hand, it increases the security of transactions. Keys are stored on different devices, and even if one of them is stolen, the attackers will not be able to carry out a transaction without authorizing the owners of other keys, so the assets will remain intact.
How Multisig is implemented on Free TON
Holders of Free TON tokens have the right to participate in the discussion of the development and management strategy of the blockchain. Decisions are made based on voting by community members who use private keys for identification. Decisions are made on the basis of a soft majority of votes (exceeding half of the votes participating in voting). If 50% + 1 vote is positive, the transaction is approved and authorized and is subject to execution.
The principles of transaction confirmation in Free TON are determined and configured by the wallet owners. This means that the owners themselves determine what percentage of votes are needed to approve the transaction.
There is such a type of multisig as – 2/3. The transaction is possible with the consent of two of the three participants.
Also, owners can use other wallet settings depending on the type of multisig contract. For example, you can allow transfers of amounts up to a certain limit without multisignature and require confirmation if the limit is exceeded.
How to set up a multi-signature wallet on Free TON
This can be done using the TONOS-CLI utility, which allows you to create and manage wallets with multi-signatures in the Free TON ecosystem.
What the TONOS-CLI utility allows you to do:
- create seed phrase, private/public keys;
- create a wallet;
- check wallet balance;
- list transactions awaiting confirmation;
- create transactions;
- confirm transactions.
Basic concepts and features of multisig configuration in the Free TON system
Wallet address – unique address of the wallet on the blockchain. It explicitly identifies the wallet and is required for any actions with the wallet to be performed. It does not, on its own, provide anyone access to wallet funds.
Wallet custodian – authorized owner of the wallet. Owns the private key and corresponding seed phrase, which are required to make any changes to the wallet or wallet funds. Wallet may have more than one custodian.
Custodian private key – the unique cryptographic key belonging to the wallet custodian, which authorizes access to the wallet. Should be kept secret.
Custodian seed phrase – unique mnemonic phrase exactly corresponding to the custodian private key. Can be used to restore the private key, or to sign transactions in TONOS-CLI instead of it. Should be kept secret and securely backed up.
Custodian public key – public key forming a cryptographic key pair with the custodian private key. It is not secret and may be freely shared with anyone.
Validator – the entity performing validation of new blocks on the blockchain through a Proof-of-Stake system. Requires a multisignature wallet for staking.
Two versions of the contract are available in the Free TON multisignature wallet:
SafeMultisig – basic multisignature wallet, does not permit contract code modification. Is required if you use validator scripts.
SetcodeMultisig – more advanced multisignature wallet. This version is currently required to create a wallet that can be managed in TON Surf.
Creating a wallet on Free TON
To start a wallet, each custodian creates an initial phrase – a special unique set of words, without which access to the wallet is impossible. You can call it code. If it is lost, the custodian will no longer be able to manage the wallet.
The wallet must have at least one custodian, because each transaction from the wallet must be signed by one or more custodians (depending on the wallet configuration) with their private key or equivalent seed phrase. This is a basic security requirement for the system.
Once a wallet has been created, for security reasons, it is not possible to add or remove custodians from it. To change the list of custodians, you need to create a new wallet, transfer all funds there and install the desired custodians.
If a wallet has multiple custodians and more than one custodian signature is required to complete a transaction, a new transaction is queued in the wallet and waits for the required number of confirmations.
Transaction amounts with multiple signatures are indicated in nanotokens.
Transaction confirmation mechanism
As soon as one of the custodians creates a new transaction on the blockchain, this custodian must receive the required number of confirmations from other custodians.
If there is only one custodian in the wallet, or if the number of confirmations required to complete the transaction has been set to 1, this step is not necessary. The deal will be confirmed automatically.
For maximum security while managing your wallet, the utility allows you to use the secure Tails OS environment for all actions that can be performed offline without an Internet connection.
What actions can be performed offline in OS Tails environment:
- Generation of source phrases and custodian keys
- Prepare a new transaction offline
- Prepare transaction confirmation offline