← Back to articles

Wallet wars: how multisig is winning the day

November 22, 2018 2:05 pm Published by

You’ve bought some cryptocurrency. Now what? You need a crypto wallet to store it – one that will keep your crypto easily accessible, yet safe from hacking and fraud.

Your options are varied and come with their own impenetrable crypto-vernacular. For instance, do you want a hot wallet, which is online and connected (often via an app), making your money easy to access but potentially at risk from hackers? Or a cold wallet, which is entirely offline – safer, but also more difficult to access. Perhaps something that combines the two?

Whichever you choose, you need two things to make a cryptocurrency transaction from your wallet: a public address and a private key. The public address is like your email address – it’s something you’re happy to give out to people. Generated randomly by computer, the private key is known only to you, and is like the password on your email account. As with all passwords, it’s the private key that you need to keep safe.

Hardware wallets

Hardware wallets are popular, thanks to their primarily cold (offline) method of storing your currency, making them inaccessible to hackers. They most often take the form of a USB device, into which you need to enter a PIN number in order to access the private key required for transactions. This is secure, since someone would have to steal the physical device and know your PIN to access your crypto. While the chances of a would-be thief getting access to everything are slim, it could still happen. The other problem hardware wallets face is their physicality, which makes them vulnerable to human error, i.e. loss or breakage.

Luckily, manufacturers have addressed these issues with the ‘Seed Phrase’. This allows you to buy another hardware wallet, enter your phrase and restore your cryptocurrency to the new device. Lose your Seed Phrase, however, and you really are in trouble.

As soon as hardware wallets are connected to the internet to perform transactions, they are as vulnerable as any connected device. The degree of protection depends on how random the Random Number Generator used by the manufacturer is; any patterns could be exploited by a hacker or malware seeking access to your account.

Multisig wallets

A practical alternative to hardware wallets is the multisignature (multisig) wallet. It’s a ‘hot’ wallet, which means it’s stored online, so you can make transactions quickly and easily. However, unlike earlier iterations, modern hot wallets feature significant extra protection for your funds.

Before August 2013, hot wallets needed just one private key to access your funds. If someone got hold of that, they could drain your account in seconds. In contrast, multisig wallets give you multiple copies of your private key and any transaction needs to be authorised by a set number of those keys in order to be approved. Each key is the same string of numbers; the security comes from the fact that these have to match when entered from different sources in order for the transaction to be authorised.  The number of keys can vary, but three keys, with two needed for authorisation, is the industry standard.

In the case of a typical multisig app-based cryptowallet, one of these private keys is stored in the wallet itself. A second is given to your multisig provider (who, crucially, doesn’t hold the cryptocurrency itself), and a third is stored somewhere else completely, such as on your laptop, as a back-up key.

Now, say you want to go and buy a doughnut from The Bitcoin Bakery. You authorise the transaction using the multisig app on your phone, which turns one of the keys. The multisig provider then sees if this request checks out, using indicators like whether it’s your phone, whether you entered your password and where you are geographically. If that all looks good, they turn their key and bingo – you’ve just bought your doughnut. If you lose your phone or it’s stolen, using the third key will give you back access to your crypto.

The Wirex solution

At Wirex, we’re big fans of the security and practicality that multisig wallets offer. Whether you’ve got your funds in Bitcoin, XRP, Ether or Litecoin, we protect the money in your Wirex account using segregated, cold-storage, multisig wallets. All of these are completely free – another major advantage of multisig wallets.

If you’ve not signed up already, click here to register for your free Wirex account. Or, if you’re already a fully-fledged member of the Wirex clan, don’t forget to follow us on Twitter, Facebook, Instagram or Telegram.

Online Security: The fears and the facts

With almost all of our financial affairs being conducted online, there is much at stake if the infrastructure protecting our money is compromised. News articles of security breaches across all industries are posted daily, so it’s no surprise that many people feel less than confident about online security. However, there are plenty of measures in… View Article

Security 101: Staying safe in today’s digital world

Gone are the days of safe deposit boxes and padlocked filing cabinets full of personal documents. Today, our increasingly digital world means information and possessions that were previously physical are now much more likely to be stored online. In fact, a 2015 study found that 42% of respondents created more than 50 new personal profiles… View Article

ICO image
Why Wirex is not an ICO

Initial Coin Offerings (ICOs) have received a lot of press but not always for the best reasons. Experts estimate that over 80% of ICOs have fraudulent intentions. Unfortunately many people tend to associate any company that works in the crypto space with ICOs, and this may have a negative effect on the entire industry. So,… View Article

Why 2FA security is vital for your Wirex account

We use passwords to access everything – social media accounts, emails, online banking. Not only can it be difficult to keep track of them all, it’s also difficult to create something that’s both memorable and complex. That’s why we recommend Two-Factor Authentication (2FA) as an extra layer of security. How will 2FA protect you? 2FA… View Article