How 2014 Became the Year of Multisig

Will O'Brien, CEO and co-founder of BitGo, looks at the bitcoin security trends from the past year, and predicts what 2015 has in store.

AccessTimeIconDec 29, 2014 at 5:23 p.m. UTC
Updated Mar 6, 2023 at 3:21 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Will O'Brien is CEO and co-founder of BitGo, a bitcoin security company and pioneer in multi-signature technologies. In this article, he examines bitcoin security trends from the last year and looks ahead to what 2015 has in store.

2014 was a pivotal year in bitcoin security. Although the industry had a rough start to the year with the collapse of the largest bitcoin exchange, Mt Gox, trleading companies have made significant strides toward making the ecosystem more secure and ready to scale.

After experiencing incredible growth in 2013, in which the price of bitcoin grew from a low of $13.16 to a high of $1,165.89, the digital currency seemed poised for mainstream adoption at the beginning of 2014.

But all was not well at Mt Gox, the exchange with the largest trading volume in the world. By February, Mt Gox would file for bankruptcy citing the loss of 850,000 BTC.

The mainstream press pointed to Mt Gox’s demise as the end of bitcoin itself. How could a digital currency revolutionize the financial system if it can’t be secured properly? Fortunately, pioneering companies were already solving the challenges of security and new solutions began to roll out.

The year of multisig

Gavin Andresen, chief scientist of the Bitcoin Foundation, made a proclamation during his State of Bitcoin address at the Bitcoin 2014 conference in Amsterdam. He said without hesitation: “This is the year of the multi-signature wallet.”

What is 'multisig'? Multisig is short for multi-signature, the digital equivalent of a safe deposit box.

A multisig bitcoin wallet uses P2SH (BIP16) and requires M-of-N keys (eg: two of three) to sign a transaction. The resulting address starts with a '3' instead of a '1', which is an easy way to tell whether you are using a multisig wallet or not.

The first multisig wallet was launched in August 2013 by BitGo and many bitcoin companies have embraced this new standard, including BitPay, Circle, Coinbase, CoinKite, Armory, and GreenAddress.

Heading into 2014, the predominant model for securing bitcoins was single-key cold storage, in which a private key is generated offline and then stored in a vault.

While this is a good approach to preventing digital theft of private keys, it has put the industry in a cold storage ice age, where bitcoins are locked away and companies deploy off-blockchain transaction systems that are susceptible to the same manipulation that occurred at Mt Gox.

Cold storage also presents the possibility of loss due to user error or backup failures, even if the threat of theft is reduced.

Multisig is the first foundational infrastructure technology that will make the bitcoin ecosystem safer. At the beginning of 2014, only 0.02% of all BTC were secured with multisig; that number is now more than 5%.

Over the past year, there was a 79-fold increase in daily multisig transactions. In November, we saw the first ever multisig exchange come online, when TeraExchange partnered with BitGo for on-blockchain collateral management for its regulated swaps execution facility.

While we still need more adoption of multisig as an industry, 2014 was a turning point in implementing a better security model.

Bitcoin security in 2015

2015 promises to be a year of continued innovation to improve bitcoin security. Developments are already being implemented at limited scale, but 2015 will be the year in which we see them become much more central to the industry.

Here are some of the top trends to expect based on the progress made in 2014:

HD wallets

HD stands for 'hierarchical deterministic', a technique for generating private keys introduced in BIP32.

In an HD wallet, a new address is used for every transaction to maintain financial privacy and prevent others from identifying connected transactions on the blockchain.

Transaction signing policies

Your bank account has limits on wire transfers that require a second approval and your credit card blocks transactions that trigger their fraud filters.

Bitcoin as a core technology has none of these, but wallet providers and exchanges have already begun rolling out treasury protections and transaction signing policies such as spending limits, multi-user approvals and recipient whitelists.

Hardware devices and trusted computing

Trezor launched the first hardware wallet in 2014 and now other companies are following suit with hardware key fobs and hardware security modules.

Trusted computing is also entering the bitcoin ecosystem through companies like Rivetz. Advancements in hardware security will make it nearly impossible for hackers to get access to private keys.

Moving from multisig to multi-institutional

Multisig wallets require M-of-N keys to sign a transaction. Multi-user wallets require M-of-N users to sign a transaction with their respective private keys.

Additionally, multi-institutional wallets require those keys to be distributed to more than one organization, so that there is no opportunity for insider theft or targeted attack at one institution.

Industry standards and APIs

Best practices for security have been introduced by the pioneers over the last two years. The time is ripe for industry standards and API platforms to emerge, so that the next generation of companies can build on the work of the last generation, rather than reinventing the wheel.

As the industry forms standards, we hope to see other parties including regulators, insurance underwriters and auditors coming to the table in a spirit of collaboration.

Bitcoin security 2014, an infographic

Below is infographic, created at BitGo, to highlight some of the top achievements of 2014 and what we expect to see in 2015.

Bitcoin Security bitgo screenshot

Security image via Shutterstock

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.