As blockchain and cryptocurrency technology evolves, the need for enhanced security measures to protect digital assets grows. One solution to this challenge is multisig (multi-signature) wallets, which require the signatures of multiple parties before a transaction can be executed, providing an added layer of security against unauthorized access and fraud.
Traditionally, multisig wallets require the parties to communicate off-chain in order to collect all the necessary signatures. However, a smart contract has been introduced in which signatures are collected directly on the blockchain, eliminating the need for off-chain communication. The smart contract keeps track of the signatures it has received, and once the set threshold is reached, the funds can be unlocked. This approach is especially useful when the parties in a multisig group do not know each other.
Multisig wallets typically require M-of-N signatures (M signatures from a group of N participants) to authorize a transaction. They have become increasingly popular for managing digital assets, particularly in joint accounts where multiple family members or business partners need to approve transactions, in escrow services where a neutral third party holds funds until predetermined conditions are met, and in secure storage where one user holds multiple keys to prevent unauthorized access. Traditional multisig wallets require the parties to exchange partially signed transactions with one another before the transaction can be submitted on-chain.
To address this limitation, a multisig smart contract has been developed that allows signatures to be collected on-chain. The process involves deploying a smart contract on the blockchain that specifies the minimum number of signatures (M) and the list of authorized signers (N). The contract carries a state, namely the list of signatures collected so far, which starts out empty. Whenever the contract is called with a new signature, the signature is added to the state if it is valid and has not been collected before. Once the threshold M is reached, the smart contract pays out to the predefined destination address.
The full code, written in sCrypt, can be found in the boilerplate repository. It exposes two public methods: “add,” which takes as input a valid signature and the index of the public key it belongs to, and “pay,” which checks whether the signature threshold has been reached and, if so, pays the locked funds to the address stored in the “dest” variable. The code has been rigorously tested to ensure its effectiveness. This approach provides enhanced security measures for managing digital assets on the blockchain.