Multi-Sig Basics

A standard Bitcoin wallet uses a single private key to authorise transactions. Multi-signature (multi-sig) wallets require multiple keys — typically two out of three, or three out of five — to sign a transaction before it can be broadcast. This eliminates the single point of failure that defines single-key custody.

Why Multi-Sig Exists

Single-key custody has an inherent vulnerability: if one key is compromised, all funds are lost. If one key is destroyed, all funds are lost. The risk is binary — a single event can produce total loss in either direction.

Multi-sig changes the risk profile. In a 2-of-3 setup, losing one key does not lock you out (you still have two), and an attacker who obtains one key cannot spend the funds (they need two). You can survive a single catastrophic failure — fire, theft, or device failure — without losing access.

How It Works

A multi-sig wallet is defined by two numbers: the threshold (how many keys are needed to sign) and the total (how many keys exist). The most common configurations are:

• 2-of-3 — three keys exist; any two can authorise a transaction. This is the most common personal multi-sig setup.
• 3-of-5 — five keys exist; any three can authorise a transaction. This is common for institutional or family custody.
• 2-of-2 — two keys exist; both are required. This offers no redundancy for key loss and is rarely recommended for savings.

Each key is held on a separate device — typically a separate hardware wallet — and ideally stored in a separate physical location. The wallet software (such as Sparrow, Electrum, or Nunchuk) coordinates the signing process: it constructs the transaction, sends it to each signing device in turn, and broadcasts it once the threshold is reached.

A Practical 2-of-3 Setup

Here is a concrete example of a 2-of-3 multi-sig for personal savings:

• Key 1 — Coldcard hardware wallet, stored in your home safe.
• Key 2 — Trezor hardware wallet, stored at a family member's house or a safety deposit box.
• Key 3 — Jade hardware wallet, stored in a third location (a trusted friend, a second safety deposit box, or your office).

Each device generates its own key pair during setup. The wallet software combines the three public keys to create a multi-sig address. To spend from this address, you need to sign the transaction with any two of the three devices.

If your home burns down (Key 1 destroyed), you still have Keys 2 and 3. If your Trezor is stolen (Key 2 compromised), the thief still needs a second key. In either scenario, you retain access and the attacker does not.

The Complexity Trade-Off

Multi-sig is more complex to set up and to operate than single-key custody. Each transaction requires coordinating multiple devices, potentially in multiple locations. The initial setup requires care in recording each key's seed phrase and the wallet's configuration file (the "wallet descriptor" or "multisig quorum"), which is needed to reconstruct the wallet.

For most individuals holding moderate amounts, a single hardware wallet with a strong seed phrase backup is sufficient. Multi-sig becomes worth the added complexity when the amount being secured is large enough that a single point of failure is unacceptable — typically when bitcoin represents a significant fraction of your total savings.

Collaborative Custody

Services like Unchained Capital and Casa offer collaborative multi-sig, where the company holds one key, you hold two, and the company assists with the signing process. This is a middle path: you retain ultimate control (you hold the threshold), but you have professional support for recovery and inheritance planning.

The trade-off is that the company knows your identity and your key configuration. For those who require privacy, a fully self-managed multi-sig is the only option. For those who want professional support without giving up sovereignty, collaborative custody is a reasonable compromise.