In order to eliminate the risk of custodial control over your bitcoin holdings, it is necessary to take self-custody. This means that whoever has control over the keys to your bitcoin is the one who determines custody. As the saying goes, “not your keys, not your coins.” Therefore, it is important to have control over your own keys to ensure the safety and security of your bitcoin.
Once the decision has been made to hold bitcoin in self-custody, the next step is to determine how to do so. While hardware wallets are generally considered the most secure option for storing bitcoin keys, there are other options available such as singlesig, multisig, and other technologies that dictate the requirements for spending your bitcoin. In this article, we will explore these options and compare them to each other.
Singlesig
Singlesignature, or singlesig, refers to a wallet structure where only one private key is required to authorize the spending of bitcoin. This is the oldest and most basic method of holding bitcoin, with over 70% of the total bitcoin supply currently held in this manner. While it is relatively easy to set up and use, many people have found that singlesig does not provide a sufficient level of security. With only one key, there is always a single point of failure that can result in lost funds. For example, if the singlesig key is misplaced, access to the bitcoin is lost. Similarly, if the key falls into the wrong hands, a thief can easily transfer the bitcoin to their own wallet.
It is important to remember that a bitcoin private key is simply a randomly-generated piece of secret information. This information can be generated by an offline tool, such as a hardware wallet, and should also be stored physically as a seed phrase. This means keeping a set of 12 or 24 words secure and private. However, even the most careful and organized individuals can experience unexpected circumstances that result in the loss of important items. If the lost item happens to be the only key to your bitcoin wealth, it can be catastrophic. Therefore, it is important to consider strategies that can help prevent this from happening. Let’s explore some popular approaches!
Before we dive into multisig, it is worth taking a look at some of the methods people use to modify singlesig arrangements. These can range from improvised strategies to standardized technological tools.
Improvised Singlesig Modifications
Without learning about additional technologies, someone who holds bitcoin in a singlesig wallet might think of simple techniques that appear to offer protection from losing funds. Examples include making copies of the seed phrase, splitting the seed phrase into separate pieces, encoding the seed phrase, or creating several singlesig wallets to distribute wealth. However, these techniques come with trade-offs that users may initially fail to recognize. Let’s take a closer look at each one.
Seed Phrase Copying
Making copies of a seed phrase is one strategy people use to help avoid losing access to their bitcoin in a singlesig wallet. This can provide extra protection against natural disasters or misplacement. By storing multiple copies of a seed phrase in different locations, one location could suffer unexpected destruction without resulting in the loss of access to the seed phrase.
However, there is a significant downside to this approach. With an otherwise basic singlesig arrangement, the seed phrase is the only item someone needs in order to discover your wallet balance and remove bitcoin from your wallet. In other words, if a dishonest person finds any one of your seed phrase copies, they could steal bitcoin from you. Therefore, storing your seed phrase in multiple locations can increase the risk of theft.
Seed Phrase Splitting
Because seed phrases typically consist of 12 or 24 words, some users may think to split up the word list into sections and store them separately. The logic behind this is that if a thief manages to acquire less than the full word list, they will be unable to steal the bitcoin.
However, out of all the ideas covered in this article, this one is the most problematic. The theft prevention logic is flawed – if a thief manages to find a portion of your seed phrase, they could be substantially closer to being able to guess the remaining words and steal from you. Besides failing to offer the intended level of protection, this approach can also make it more difficult (if not impossible) for you as the user to access your bitcoin if any one of the seed phrase sections becomes lost.
Seed Phrase Encoding
Some singlesig users may think to encode their seed phrase, with the idea that if a thief finds the resulting information, they will be unable to decode it and obtain the original seed phrase to steal the bitcoin. There are many possible methods for attempting this, such as using a secret formula to alter the words or hiding the seed phrase within a larger set of words.
The more complex the encoding strategy is, the less likely it is for a thief to be able to reverse-engineer access to the bitcoin. However, this is a double-edged sword because a complex encoding strategy can also increase the chances of making a mistake or forgetting how to decode the resulting material. In other words, it adds a new potential avenue for losing access to your bitcoin.
Exploring Different Approaches to Securing Your Bitcoin
Bitcoin is a valuable asset, and as with any valuable asset, it is important to take measures to protect it. One common piece of advice is to avoid “putting all your eggs in one basket.” This means that instead of holding all of your bitcoin in one wallet, it may be wise to spread it out among multiple wallets. This can help mitigate the risk of loss or theft, but it also adds complexity and creates more potential points of failure.
Multiple Single-Signature Wallets
One approach to spreading out your bitcoin is to use multiple single-signature (singlesig) wallets. This means that each wallet is controlled by a single private key, and only one signature is required to authorize a transaction. While this can reduce the risk of losing all of your bitcoin, it also increases the risk of losing a portion of it if any one of the wallets becomes inaccessible or compromised.
However, there are ways to address this issue and remove single points of failure for your entire bitcoin balance without introducing more potential points of failure.
Standardized Singlesig Modifications
In addition to improvised approaches, there are also standardized tools available to help address certain risks with singlesig wallets. These include BIP 39 passphrases, Seed XOR, and Shamir’s secret sharing. Each of these options has its own trade-offs to consider.
BIP 39 Passphrases
BIP 39 passphrases are an additional set of characters that can be added to a seed phrase (similar to a 13th or 25th word) to create a more secure key. This passphrase is required to recreate the key and spend funds, providing an extra layer of security. However, if the passphrase is lost or forgotten, access to the funds will be permanently lost.
Seed XOR
Seed XOR is a solution offered by the Coldcard hardware wallet that allows you to split your seed phrase into multiple unique phrases. This creates another form of seed phrase splitting without the security risks of improvised setups. It also allows for the creation of decoy wallets with smaller amounts of funds. However, if any one of the newly produced seed phrases is lost, access to the original wallet and its funds will be permanently lost.
Shamir’s Secret Sharing
Shamir’s secret sharing is a cryptographic algorithm that allows for the creation of multiple shares of a secret, with only a portion of the shares needed to reproduce the original secret. This means that even if one share is lost, the secret can still be recovered with the remaining shares. This approach offers theft resistance without increasing the risk of loss.
Conclusion
There are various approaches to securing your bitcoin, each with its own trade-offs. It is important to carefully consider the risks and benefits of each approach and choose the one that best fits your needs. By spreading out your bitcoin and using additional security measures, you can better protect your valuable asset from loss or theft.
Singlesig vs Multisig: A Comprehensive Comparison of Bitcoin Self-Custody Approaches
Bitcoin self-custody is the practice of holding and securing your own bitcoin without relying on a third party. This is an important aspect of bitcoin ownership, as it allows individuals to have full control over their funds and eliminates the risk of a third party being compromised.
There are two main approaches to self-custody: singlesig and multisig. In this article, we will thoroughly compare these two approaches and discuss their strengths and weaknesses.
Singlesig
Singlesig, short for single signature, is the most basic form of self-custody. It involves creating a single private key that is used to access and spend your bitcoin. This key can be stored in a variety of ways, such as on a hardware wallet, paper wallet, or even memorized.
One of the main advantages of singlesig is its simplicity. It is easy to set up and use, making it a popular choice for beginners. However, it also has some notable weaknesses.
Firstly, singlesig has a single point of failure. This means that if your private key is compromised or lost, you will lose access to your bitcoin. This risk can be mitigated by creating backups of your key, but this introduces additional security concerns.
Another weakness of singlesig is that it is vulnerable to physical attacks. If someone gains access to your physical key, they can easily steal your bitcoin. This risk can be reduced by using a hardware wallet, but it is still a concern.
Singlesig also lacks the ability to have multiple users or parties involved in the custody of the bitcoin. This means that if you want to involve others in managing your bitcoin, singlesig is not a suitable option.
Shamir Secret Sharing (SSS)
To address some of the weaknesses of singlesig, a modification called Shamir Secret Sharing (SSS) was introduced. SSS involves splitting a private key into multiple parts, known as shares, using a mathematical algorithm called Shamir’s Secret Share.
The idea behind SSS is that even if one share is compromised, the attacker would not have access to the full key. This adds an extra layer of security to singlesig, making it less vulnerable to physical attacks.
However, SSS also has its own weaknesses. When the shares are combined to reassemble the key, there is a temporary single point of failure. This means that at the time of signature, the full key must exist in one place, making it vulnerable to exploitation by an attacker.
Multisig
Multisig, short for multisignature, is a fundamentally different approach to self-custody. It involves creating a wallet with multiple unique keys, where a certain number of those keys are required to sign off on a transaction.
For example, a 2-of-3 multisig wallet would require two out of three keys to sign off on a transaction. This adds an extra layer of security, as an attacker would need to compromise multiple keys to steal your bitcoin.
Multisig also eliminates the single point of failure present in singlesig. This means that even if one key is compromised, the attacker would not have access to your bitcoin.
However, multisig comes with its own trade-offs. It is more complex to set up and use compared to singlesig, making it less suitable for beginners. It also incurs higher transaction fees, although this may change with the adoption of Taproot technology.
DIY vs Collaborative Custody
Multisig can be set up and managed by an individual, known as DIY multisig. However, this can be challenging for beginners and may require technical support.
Alternatively, there are collaborative custody businesses, such as Unchained, that offer multisig services. This involves sharing some information about your bitcoin with a collaborative partner, but ultimately, you still have full control over your funds.
Choosing the Proper Quorum
When setting up a multisig wallet, it is important to choose the proper quorum, which determines the number of keys required to sign off on a transaction. The most commonly used quorums are 2-of-3 and 3-of-5.
While 3-of-5 may provide extra redundancy, it also introduces unnecessary complexity. For most individuals and businesses, a 2-of-3 quorum is sufficient for securing their bitcoin.
Comparison Chart
To summarize the differences between singlesig and multisig, here is a comparison chart:
| Feature | Singlesig | Multisig |
| — | — | — |
| Single point of failure | Yes | No |
| Vulnerable to physical attacks | Yes | No |
| Involves multiple users | No | Yes |
| Uses SSS | Yes | No |
| Transaction fees | Lower | Higher* |
| DIY vs Collaborative custody | DIY | Collaborative |
| Proper quorum | N/A | 2-of-3 or 3-of-5 |
*With increased Taproot adoption, multisig will have the same fee structure as singlesig.
Conclusion
In conclusion, both singlesig and multisig have their own strengths and weaknesses. Singlesig is simple to use but has a single point of failure and is vulnerable to physical attacks. Multisig offers better security but is more complex and incurs higher transaction fees.
Ultimately, the choice between singlesig and multisig depends on your personal preferences and risk tolerance. Whichever approach you choose, it is important to properly secure your bitcoin and have backups in case of any unforeseen circumstances.
Choosing Between Singlesig and Multisig for Bitcoin Custody
When it comes to holding bitcoin in self-custody, there are various approaches to consider. As shown in the chart above, each approach has its own tradeoffs, making it difficult to determine the best option. To decide between singlesig and multisig, it’s important to first understand your preferences and priorities.
Singlesig and multisig have different strengths, which raises the question: why not use both? Instead of viewing them as competitors, they can complement each other perfectly. For example, you could use a multisig wallet for long-term, high-security bitcoin savings and a singlesig wallet for smaller amounts used for transactions (such as a mobile wallet that supports lightning).
If you’re interested in the benefits of collaborative custody through multisig, which allows you to maintain full control over your bitcoin while also providing technical support, streamlined inheritance, and access to other services, consider booking a free consultation with the Unchained team.
This article was originally published on Unchained.com.
Unchained Capital is the official US Collaborative Custody partner of Bitcoin Magazine and a sponsor of related content published through Bitcoin Magazine. For more information on their services and the relationship between Unchained and Bitcoin Magazine, please visit their website.
