All articles

What is multisig?

While many blockchains like Ethereum and Solana support multisig, this article will focus on multisig from the Bitcoin perspective.


As you dive deeper into Bitcoin and self-custody, safeguarding your funds becomes a top priority. Relying on a wallet backup can feel risky, knowing that a single list of words holds the key to your funds. This is called a single point of failure, and there are several ways you can reduce this risk.
 

Multisig, short for multiple signatures, is a method of securing a wallet by requiring approval from multiple private keys stored on separate devices when sending transactions. While Trezor recommends SLIP39 wallets as a simpler yet equally robust alternative in terms of backups (more on that later), Trezor devices are fully compatible with multisig setups, allowing you to choose the option that best fits your needs.
 

Multisig wallets have been widely used in the Bitcoin community since their introduction in 2012. Prominent figures like Andreas Antonopoulos and Jameson Lopp have dedicated years to educating others about multisig wallets and their advantages, making multisig a pillar of many Bitcoiners’ security strategies.
 

Multisig setups are especially popular with users who are ready to take their security a step further. A multisig wallet can protect you from losing access to your funds if your device or wallet backup is lost.
 

You can set up multisig independently or use a service like Casa, which can assist in managing the setup and holding some of the keys.
 

SLIP39 backups are the default option when setting up a new Trezor Safe 5 and newer versions of the Trezor Safe 3. If you created your wallet on a Trezor device running firmware 2.7.2 (14 June 2024 release) or later with the 20-word backup, you already have an upgradable SLIP39 wallet. This provides a similar setup without requiring you to move your funds. Learn more about SLIP39 in these articles:

Single-share Backup on Trezor

Multi-share Backup on Trezor

Upgrading to Multi-share Backup

SLIP39 FAQs


How does a multisig wallet work?

Transactions using a multisig wallet require approval from multiple devices. Here’s how it works:
 

  1. Start the transaction in your wallet software. Use wallets like Electrum, Sparrow, or Casa (a paid service).

    Important: If you’re using Electrum, Sparrow or any other non-custodial wallet, you’ll need the extended public key (XPUB) for each key in your keyset, not just the keys required to sign. If you do not have the XPUB for every single key used to set up the wallet, you will not be able to send your transaction or access your wallet. Paid services like Casa store your XPUBs as well as some keys for you, simplifying the process and reducing the likelihood of user error. 

  2. Sign the transaction from multiple devices. Each participating device needs to approve the transaction.

  3. Send the transaction once enough devices have signed. The transaction will be broadcast to the blockchain.
     

Types of multisig wallets: choosing the right one for your needs


Multisig is a diverse wallet type that can be applied many different ways. In principle, it’s just a series of wallets that need to collaborate to unlock access to funds. Lets look some the different types of multisig setups.


Multisig wallets allow for flexible setups. One of the most popular configurations is 2-of-3:
 

  • In a 2-of-3 wallet, you have three keys, and you need any two of them to successfully send a transaction. This is known as the threshold.
  • Another popular setup is 3-of-5, where you have five keys, but only need a threshold of three to access the funds.
 

You should choose your setup based on your personal needs. Most users find 2-of-3 or 3-of-5 setups to be secure without being overly complex.
 

If you start with a 2-of-3 setup and decide to move to a 3-of-5, you will need to move your funds to a brand new multisig wallet. For more information about this, please read the section called Lost/compromised keys & key rotations.
 

Balance security with practicality. While security is crucial, it’s equally important to maintain ease of access to your funds. If you’re an individual managing a wallet, a multisig setup with more than 5 keys is likely too complex and unnecessary, and will increase the chances of you losing access to your funds due to human error.

 

How to set up and use a multisig wallet

 

Creating the multisig wallet yourself


Although Trezor Suite doesn’t support multisig wallets directly, you can create multisig wallets using desktop wallets like Electrum. Learn more about this process here.


For many users, managing a multisig wallet independently can be challenging. Multisig setups are complex. There’s a higher risk of errors that could result in lost access, and securely distributing keys across multiple locations can be difficult.


For a comprehensive tutorial on setting up Trezor with Electrum and creating a multisig wallet, please watch the following video:
 

 

Using a hybrid custodial wallet like Casa


Services like Casa (compatible with Trezor devices) offer a simpler solution. With Casa, a third party holds some of the keys, allowing you to benefit from multisig security without managing all the keys yourself. This “hybrid” approach can be a good option for those who want multisig security but aren’t fully comfortable with the setup process or the full responsibility of managing every one of their keys and their XPUBs.
 

One of the advantages here is that the custodian is not able to access your funds without your key. For example, in a Casa 2-of-3 setup, Casa holds one key, one key is stored in the cloud storage of your mobile device, and one key is stored on your hardware wallet.
 

In practice, this means that if you lose your hardware wallet and backup, you collect the key managed by Casa and the key stored in your cloud and have a second option to access your funds.

Another benefit of using Casa is the ability to set up inheritance planning. Multisig wallets can be complex and difficult for beneficiaries to manage if something happens to the wallet owner, but Casa simplifies this process to ensure funds are accessible.
 

Hybrid self-custody solutions trade some control over your funds for added convenience and support. Carefully consider this tradeoff between security and ease of use before choosing the right solution for your needs.


These services vary in cost depending on the complexity of your setup and level of service they provide, so it’s important to decide if the added convenience and shared custody are worth it for you.
 

Real-world example of multisig in action


Imagine you and two colleagues run a business, and your Bitcoin earnings are stored on an exchange. Recognizing the risks—hacks, frozen accounts, or exchange shutdowns—you decide to move your funds into a multisig wallet for greater security and control.
 

You set up a 2-of-3 multisig wallet, where three unique keys are created, and any two are required to approve a transaction. Each of you holds one key, with backups stored in secure, separate locations. This setup is ideal for scenarios where collaboration is required for financial decisions:
 

Scenario 1: A key is lost

One of your colleagues loses their key. With a 2-of-3 setup, the other two keys can still approve transactions (assuming all three XPUBs are accessible) and you can create a new multisig wallet to rotate the lost key out, ensuring your funds remain secure.
 

Scenario 2: Preventing unauthorized access

No single person can unilaterally access or move funds, preventing unauthorized transactions if one keyholder’s credentials are compromised.
 

Scenario 3: Ensuring continuity during unavailability


If one partner is traveling or unreachable, the remaining two can still manage business expenses or approve critical transactions.
 

A multisig wallet not only adds a layer of security but also promotes shared accountability. For businesses or groups managing shared funds, it’s a practical way to reduce a single point of failure and secure funds.
 

Multisig wallet security: how safe is multisig for Bitcoin storage?


Multisig is a secure way to store your Bitcoin, as it removes the risk of a single point of failure. By requiring multiple keys to authorize a transaction, it provides protection against losing access to your funds from human error or a stolen wallet backup. However, managing multiple keys adds complexity and introduces additional risks if not handled carefully.
 

For instance, if you lose your extended public key (XPUB), you won’t be able to send transactions, even if you still have enough private keys to meet the threshold.
 

While multisig is a powerful tool for distributing risk, we recommend starting with a SLIP39/Shamir backup if you’re new to managing multiple sources of backup information. SLIP39 is easier to work with, and it allows you to upgrade your setup without the need to move your funds, and does not require you to manage any XPUBs.
 

Multisig vs. Shamir backup/SLIP39


Multisig can be compared to SatoshiLabs’ SLIP39 standard. Both methods help distribute risk and avoid a single point of failure. However, multisig is a more advanced setup that typically requires technical knowledge or trusting a third party with some of your keys. SLIP39, on the other hand, is simpler to set up, requires only one hardware wallet, and is the standard backup method for newer Trezor devices.


The key difference lies in their purpose and application:
 

  • Multisig is designed for active wallet security, requiring multiple keys to sign a transaction. It is generally a more appropriate solution for a business or corporate treasury.
  • Shamir backup focuses on backup and recovery, ensuring that losing one share doesn’t compromise access to your funds.


If you need multiple people to approve transactions, multisig is likely the better option. But if you’re an individual looking to add extra security by reducing a single point of failure, we recommend using a SLIP39 Shamir backup.
 

Transaction fees in multisig wallets vs. SLIP39

In a multisig wallet, transaction fees are determined by the size of the transaction in bytes, rather than the amount of Bitcoin being sent. Since multisig setups involve multiple keys, signatures, and scripts, they generate more data for each transaction. Here’s why this matters:
 

  • More Data Per Transaction: A single-signature wallet only includes one key and one signature in its transaction data. In contrast, a multisig wallet must include multiple public keys, multiple signatures, and the script detailing the required threshold (e.g., 2-of-3 or 3-of-5). This significantly increases the size of the transaction.
  • Higher Fees: Because Bitcoin miners prioritize transactions based on fees per byte, larger transactions cost more to process. For example, a multisig transaction requiring three signatures may cost significantly more than a single-signature transaction of the same value. If your multisig wallet contains a lot of UTXOs, this will make the transaction even more expensive.
 

Multisig users should be especially cautious during periods of high network congestion, as fees can rise dramatically. For example, consolidating multiple UTXOs in a multisig wallet during a busy period can result in very high fees.
 

SLIP39 (Shamir backup) operates differently because it is a backup and recovery system, not an active part of the transaction process.
 

Here’s how SLIP39 avoids the fee implications of multisig:
 

  • Single Signature: SLIP39 backups are used to protect a single wallet, so transactions from a wallet using SLIP39 require only one signature. This keeps the transaction size small, similar to a standard single-signature wallet.
  • No Script Overhead: Unlike multisig, SLIP39 doesn’t involve additional scripts or keys in the transaction itself. The backup mechanism is entirely separate from the on-chain activity.
  • Consistent Fees: Generally SLIP39 transactions are regular single-signature wallet transactions (unless you create a multisig wallet from several SLIP39 wallets) fees remain predictable and lower, even during high network congestion.
 

Lost/compromised keys & key rotations


Key rotation is an essential part of maintaining a secure multisig setup over time. It involves replacing one or more keys in your multisig wallet without compromising access to your funds. This process can be necessary for various reasons, such as a lost or compromised key, routine security updates, or simply upgrading to newer hardware or a new multisig setup, such as changing a 2-of-3 to a 3-of-5.
 

In a multisig wallet, each key is critical to the security of your funds. If you lose a key or suspect it may be compromised, you should immediately rotate that key to ensure the integrity of your setup. This means creating a new key, adding it to your multisig wallet, and removing the old one. Unfortunately, this process typically requires creating an entirely new multisig wallet and transferring your funds to it, as most wallet software does not support in-place key replacement for security reasons.
 

Key rotation can also be a proactive measure to enhance security. For example, if you are using older hardware or software that may no longer meet modern security standards, replacing those keys ensures your setup remains resilient against emerging threats.
 

Best practices for key rotations:
 

  • Always verify the new keys on trusted hardware wallets like Trezor before adding them to your setup.
  • Store backups for all new keys securely and distribute them across multiple locations for redundancy.
  • Perform key rotations during low-fee periods to minimize transaction costs when transferring funds to a new wallet.


If key rotation seems overwhelming, consider starting with a SLIP39 Shamir backup, which allows you to upgrade your setup or replace shares without moving funds. While key rotations are a vital part of maintaining multisig wallets, they require careful planning and execution to avoid mistakes that could result in loss of funds.
 

Warning: Since a key rotation involves moving funds, there is also a chance you may have negative impacts on your privacy from an unintentional UTXO consolidation. For more information, please read our article about UTXOs.


Multisig wallet FAQs for beginners

What happens if I lose one key in a multisig setup?


If you lose one key in a multisig setup, you should still be able to recover your funds, as long as the number of required signatures (threshold) is lower than the total number of keys and you have the XPUBs of every single key. However, losing a key reduces your margin of safety, so it’s best to move your funds to a new wallet with fresh keys immediately (see the above section about key rotation).
 

Warning: If you don’t save your XPUBs, losing one key will cause you to lose your funds, even if you have enough private keys to theoretically unlock the multisig wallet!


Can I use multisig with Trezor Suite?


You can use your Trezor device as a key in a multisig setup; however, Trezor Suite does not directly support managing multisig wallets.


To set up and manage a multisig wallet with your Trezor, you’ll need to use a third-party wallet such as Electrum or Casa, which are compatible with Trezor devices and support multisig configurations.
 

What are the risks of managing a multisig wallet independently?


Managing a multisig wallet independently requires diligence. You’ll need to maintain multiple hardware devices and backups, keep firmware up to date, and ensure that your backups are accessible in case firmware updates wipe a device. Additionally, you’ll need to store each device’s extended public keys (XPUBs) to enable signing transactions, which adds to the complexity. Even if you have all your private keys, without your XPUB, you will not be able to send a transaction!
 

Can I switch from a single-signature wallet to a multisig wallet without moving my funds?


No, moving to a multisig wallet requires creating a new wallet with new keys and transferring your funds there. However, if you’re using a SLIP39 Single-share Backup, you can easily upgrade to a SLIP39 Multi-share Backup without moving your funds.
 

Can I use wallets with a SLIP39 Multi-share Backup as individual keys in a multisig wallet?


While technically possible, using SLIP39 Multi-share Backups as individual keys in a multisig setup is not recommended, as it adds significant complexity and increases the risk of setup errors.
 

Does a multisig setup affect my on-chain privacy?

Multisig wallets are identifiable on-chain. You can recognize potential multisig Bitcoin addresses by their format and script.
 

  • Legacy multisig addresses (P2SH): These start with "3."
  • Native SegWit multisig addresses (P2WSH): These start with "bc1" and are longer than regular single-signature Bech32 addresses


However, it’s important to note that not all addresses that start with 3 or bc1 are multisig addresses. Multisig wallets use special scripts that specify spending conditions, such as requiring multiple signatures. You can confirm if an address is multisig by inspecting its script or related transactions using tools like Bitcoin Core or blockchain explorers, which show the multiple signature requirements.
 

Security tips for using multisig wallets


Security is your top priority when managing a multisig wallet. Here are some key tips to help you protect your funds and keep your multisig setup safe:
 

Distribute keys across secure locations

  • Avoid keeping all your keys in one physical location to prevent loss or theft.
  • Store keys in geographically separate, secure places such as a safe deposit box, home safe, or trusted third-party location.
  • If you’re using a 2-of-3 setup, make sure losing two keys in one incident (e.g., a fire) isn’t possible.
 

Use trusted hardware wallets 

  • Always generate and store private keys on reputable hardware wallets, like Trezor devices.
  • Keep firmware updated to protect against known vulnerabilities, and ensure you have access to all backups in case the update wipes a device.
  • Ensure the hardware wallet itself is genuine by purchasing it directly from the official website or a trusted reseller.
 

Protect your XPUBs

  • Extended public keys (XPUBs) are critical for constructing transactions using multisig wallets. Without them, you cannot send funds even if you have enough private keys to meet the threshold.
  • If you have all the private keys, you can reconstruct the wallet from all the XPUBs.
  • Back up XPUBs in a secure, offline location alongside your wallet backups.
  • Avoid sharing XPUBs with untrusted parties to minimize the risk of leaking wallet details.
 

Test your wallet backups

  • Conduct regular recovery drills to ensure you can access your funds if a wallet backup or device is lost.
  • Use test wallets with small amounts of funds to simulate recovery steps and identify potential issues.
 

Limit address reuse

  • Avoid reusing the same address for multiple transactions, as this can compromise your on-chain privacy.
  • Use different receiving addresses to prevent linking your funds to a single identity or balance.
 

Be cautious of UTXO consolidation

  • Consolidating UTXOs in a multisig wallet can reveal your total balance on-chain. Only consolidate UTXOs when necessary, and do so during low-fee periods.
  • Use privacy-focused practices like coin control features in wallets to avoid unintended disclosures.
 

Avoid sharing access details 

  • Never share private keys, XPUBs, or backup locations with anyone you don’t fully trust.
  • Educate all parties involved in a shared multisig setup about the importance of security practices.
 

Is multisig right for you?


Multisig wallets offer enhanced security but are complex to set up and require a certain level of technical skill. If you’re new to Bitcoin but interested in using a multisig wallet, it’s entirely possible with some guidance. Genereally, these setups are most appropriate for groups of people who need to control a wallet collectively, such as in the case of a business or corporate treasury. 


Services like Casa can help you set up a multisig wallet, with Casa holding some of the keys. This approach provides a good mix of self-custody and support, allowing you to use your Trezor device with a Casa wallet while benefiting from their personal assistance. These are paid services, making them a useful option for those looking to reduce private key risks with a bit of external help.


For users interested in handling their multisig wallets independently but concerned about the technical aspects of multisig, SatoshiLabs’ SLIP39 backup standard might be a simpler alternative. SLIP39 offers many of the security benefits of multisig by reducing single points of failure, with additional advantages:
 

  • You can easily upgrade your setup without moving your funds.
  • No XPUB is needed to send funds.
  • Only one device is required.
  • Sending funds is simpler since only one signature is needed.


To learn more about SLIP39 and how it compares to multisig, check out our articles on Single-share and Multi-share Backup options.
 

Final thoughts


Multisig is a powerful tool for enhancing the security of your Bitcoin by requiring multiple keys to authorize transactions. It significantly reduces the risk of losing access to your funds due to a single point of failure, making it an excellent choice for those ready to take their self-custody setup to the next level. However, the added complexity of managing multiple keys, devices, and backups means it may not be ideal for everyone, especially beginners.
 

If you’re new to self-custody, consider starting with a SLIP39 Multi-share Backup. It offers similar protection against single points of failure while being easier to set up and manage. As you gain confidence and experience, you can explore whether multisig fits your specific needs for added security and key distribution.
 

Ultimately, the choice between multisig and SLIP39 comes down to your individual requirements, level of technical comfort, and the balance you want between convenience and security. Whatever you choose, Trezor devices are here to support your journey toward empowerment through self-custody!