P2SH and MultiSig: Concepts and Models to End the Cold Storage Ice Age
3 likes1,588 views
The document discusses the concept of Pay to Script Hash (P2SH) and multi-signature (multi-sig) wallets, emphasizing their role in enhancing cold storage security and facilitating transactions through unique conditions for fund claims. It covers various applications of multi-sig wallets, including collaborative wallets, escrow services, and integration with exchanges, alongside their implementation through different methods and services like BitGo. Additionally, the document highlights practical examples and advantages of using multi-sig techniques to improve overall security and trust in financial transactions.
P2SH and MultiSig: Concepts and Models to End the Cold Storage Ice Age
- 1. P2SH and Multi-Sig Ending the Cold Storage Ice Age Benedict Chan, BitGo @bencxr benchan@bitgo.com
- 2. Agenda ● Pay to Script Hash ● Emerging multi-sig concepts and scenarios ● Implement a multi-sig wallet in 5 minutes
- 3. Pay to Script Hash (P2SH) ● Bitcoin address can require successful execution of a script corresponding to a hash ○ Past: “Claim if signed by xyz private key” ○ Now: “Claim only if xyz conditions were satisfied” ● 7.88% of BTC held in P2SH addresses
- 4. P2SH - Hash-Locked Contract ● Example: A and B want to trade BTC for DOGE ● A thinks of any x and hashes it to H(x) ● On Bitcoin chain: ○ A creates transaction TX0 to a P2SH script to ■ Pay BTC to B if x of H(x) is known and signed by B or ■ Pay BTC to A if signed by A and B ○ A creates refund transaction TX1 (with TX0 as input) valid at a future date (3 days later) for B to sign ● On Dogecoin chain: ○ B does similar (refund not shown), sends to P2SH script “Pay 2,000,000 doge to A if x of H(x) is known and signed by A” ● When A claims DOGE by revealing x, B can claim BTC
- 5. P2SH - Multi-Signature Address ● Spend an input if only M of N signatures were provided ○ Commonly 2 of 3 (up to 15) ○ M of N must be defined at address creation time ● Signers cannot change outputs
- 6. Cold Storage on Multiple Machines ● Create and use keys on separate online/offline devices ● Hacker must compromise multiple machines ● Redundancy ● Examples: Bitcoind (createmultisigaddress, createrawtransaction), Armory Lock Boxes
- 7. Multi-Sig Hardware Wallets ● Additional signer ● Private key never leaves device ● Low malware risk
- 8. Joint Wallet with Multiple Parties ● Family expense wallet ● Group savings (birthday gift, holiday funds) ● All signers have equal importance
- 9. Multi-Sig Escrow ● 2-of-3: Buyer, Seller and Escrow ● Buyer sends purchase funds, seller (may) send collateral ● If buyer receives item in good order, create payment transaction with seller. ● Otherwise escrow agent can mediate ● Escrow agent can never steal funds with only 1 key
- 10. Micro Payment Channel ● Customer creates TX0 for 1 BTC to shared 2-of-2 address ● Provider sends Nlocktime refund transaction for full amount ● Publish TX0 ● Replace off-chain transactions ○ 0.99 to customer, 0.01 to provider ○ 0.98 to customer, 0.02 to provider ○ … ○ 0.55 to customer, 0.45 to provider ● Broadcast only last transaction to close channel
- 11. Instant Confirmations ● “Clearing house” creates a 2-of-2 address for the customer to pre-fund ● Payments out of address guaranteed “instant confirmations” ● Clearing house would never double-sign the same input BitPay Impulse
- 12. Smart Co-Signer Service ● 2 keys held by customer, 1 key by service ● User creates and half-signs transaction, then sends to co-signer ● Co-signer executes security and logic
- 13. ● Per-day limits / Per-transaction limits ● Destination bitcoin address whitelists ● Time of day restrictions ● Human approvals - User/password/2FA ● Red button (kill switch) ● Blacklisting, IP lockdown, ... ● External webhooks BitGo Co-Signer Logic
- 14. Enterprise Treasury ● Multiple users on a wallet ○ Require 2FA and User Auth ● Accountant creates transactions up to a limited amount per day ● CEO, CFO able to approve large withdrawals ● Can add/remove privileges of users at any time ● Example customers: SecondMarket, ChangeTip, BitFury..
- 15. ATM Provider ● Shared wallet with multiple machines ● One access token per machine ● IP lockdown for each token ● Tokens may be individually revoked ● Example customers: Lamassu ATMs
- 16. Exchange Hot Wallet Pool ● Exchange maintains single hot wallet for all deposits and withdrawals ● Outgoing withdrawal amount limited per day ● Callback on each transaction to accounts database ● Examples: Bitstamp, BitSpark, BitQuick, MimeticMarkets, ...
- 17. Exchange-owned Segregated Wallet ● One wallet per exchange user ● Per-user-wallet policy granularity ● Withdrawals require user 2FA ● Transactions to house wallet whitelisted
- 18. ● Every user owns their own private key ● Backup key held by arms-length custodian ● Buy orders can go directly to user wallet ● Sell orders can be confirmed by exchange instantly ● Great for places that allow you to just “buy bitcoin” User-owned Wallet Linked With Exchange
- 19. Exchange+User Joint Wallet ● User and exchange each own a private key ● Instant confirmation ● Withdrawals depend on ○ Webhook call to exchange to ensure user has sufficient margin
- 20. Co-Signer Oracle Contracts ● HTTP callback enables external logic to be implemented Shared Multi-Sig Wallet UserA BTC Collateral (1BTC) UserB BTC Collateral (1BTC) Winner creates/signs tx for 2BTC out BitGo Co- signer Webhook oracle gets BTC price at contract date to determine winner cosign/transmit Bitcoin P2P Net
- 21. Open Source SDK 1. Create a wallet 2. Get new addresses 3. Fund the wallet 4. Get transactions and balances 5. Send coins Implementing multi-sig in 5 minutes
- 22. Exchange integration demo ● First open-source multi-sig bitcoin exchange ● Uses bitgod (bitcoind adapter for Bitgo)
- 23. Thank you visit: https://www.bitgo.com/platform twitter: @bencxr email: benchan@bitgo.com