Stateful MultiSig on Bitcoin

Getting your Trinity Audio player ready...

This post was first published on Medium.

Introduction

As the blockchain and cryptocurrency space evolves, there has been a growing need for enhanced security measures to protect digital assets. One of the prominent solutions to this challenge is multisig (multi-signature) wallets. These wallets require the signatures of multiple parties before a transaction can be executed, providing an added layer of security against unauthorized access and fraud.

Traditional multisig wallets require parties to communicate out-of-band (off-chain) to collect all signatures. We introduce a smart contract where signatures can be collected directly on the blockchain. The smart contract keeps track of these signatures, and once the set threshold is reached, the funds can be unlocked. This can be useful when, for example, the parties in a multisig group do not know each other.

Traditional Multisig Wallets

A multisig wallet typically requires M-of-N signatures (M signatures from a group of N participants) to authorize a transaction. These wallets have become increasingly popular for managing digital assets, particularly in scenarios like:

1. Joint accounts, where multiple family members or business partners need to approve transactions.
2. Escrow services, where a neutral third party holds funds until predetermined conditions are met.
3. Secure storage, where one user holds multiple keys to prevent unauthorized access.

Traditional multisig wallets require the exchange of partially signed transactions between parties before they can be submitted on chain.

On-Chain Signature Collection

We have developed a multisig smart contract that allows for on-chain signature collection in the steps that follow.

1. A smart contract is deployed on the blockchain, specifying the minimum number of signatures (M) and the list of authorized signers (N). It has a state: the list of signatures collect so far, which is initialized to zero.
2. Whenever the contract is called with a new signature, it is added into the state if it is valid and new.
3. Once the threshold M is reached, the smart contract pays out to the predefined destination address.

The full code written in sCrypt is below.

It has two public methods:

1. add — this method takes as an input a valid signature and the index of the public key it belongs to. It first checks the validity of this signature and sets a flag if valid.
2. pay — this method checks if the signature threshold has been reached, e.g., 2 out of 3 in this particular example. If so, it ensures the next output will pay the locked funds to the address stored in the “dest” variable.

The full code, along with tests, can be found in our boilerplate repository.

References

• Native Custom Tokens in the Extended UTXO Model: https://iohk.io/en/research/library/papers/native-custom-tokens-in-the-extended-utxo-model/

Watch: sCrypt makes smart contracts possible on the BSV blockchain