Hello, everyone! In this post, we would like to cover the problem of authority and how it affects the decision-making process. We would also talk about how multi-signature can address those issues and discuss a few real-life examples.
Quite often, the same operation would have to be confirmed by different individuals, especially when it comes to finances. There are different reasons for confirming one operation for several times. Sometimes it is simply required by certain policies, sometimes it is just an extra measure of protecting oneself from unauthorized access. No matter the intention, it is simply the reality of many fields: worrying, theft, and unexpected sign-ins. Luckily, there are blockchain-based solutions.
People who work with wallets, which require only one password (private key), may find themselves in plenty of unpleasant scenarios. For example, if a private key is lost, then the person wouldn’t be able to access their wallet anymore. If a key is compromised, the thief could transfer all the assets in minutes and it is nearly impossible to track and get them back. If a mistake occurs, such as transferring the assets to a wrong account, it can’t be reversed. The assets are lost. Ouch.
Anyways, there are a lot of “ifs” and enough terrifying possibilities. However, with blockchain-based solutions, all of these risks can be resolved and avoided by using multi-signature. The name speaks for itself: you access your account by entering several signatures (private keys) for certain operations. For instance, in Stellar blockchain, each account requires from one to several signatures for the authorization. Each signature has its own value, but to gain access to an account, you’ll need a certain “weight,” so-called “changeable thresholds.” The thresholds vary for different operations, including transaction processing, allowing trust, account merging, changing account settings, etc. Not only does this approach provide flexibility for different types of business implementation, but it also mitigates risks of losing assets due to errors or the compromisation of private keys. Signing in could be performed by hardware wallets like Ledger or Trezor, so the private key is much less likely to be leaked in comparison to the password entered by the keyboard.
Let’s consider three real-life cases in which multisig is an optimal approach. The first example is a small family business. Each member of the family would have a private key but transferring assets from the wallet would require at least two of them. This way the parents are sure that their son can’t make any unconfirmed purchases like a Kawasaki motorcycle to “optimize the delivery”.
Another good example is financial or procurement systems, in which the payment must be authorized by several individuals because of a certain internal policy or regulation. In this case, instead of manually doing everything good-old way–on paper–all operations could be easily implemented on the top of the blockchain. The newly implemented pipeline will automatize and ease the work, also ensuring the security of the operation.
Finally, let’s consider a case in which certain crypto-assets need to be protected. Two company executives have the sign rights, each of whom would have one key plus an extra back-up key. Three keys total. So, if a key is lost or compromised, the company does not lose access to the account and can easily replace the key. If an important operation is about to take place, the system would require two signs.
What do you think? We would love to hear your ideas in the comments!