Bitcoin Security
Multisig and split backups: two ways to keep your bitcoin more secure
As the bitcoin price continues to grow, high-security storage becomes much more important. Using multi-signature addresses or split backups like Shamir’s secret-sharing are two effective ways to protect your cryptocurrency for the long-term.
Using a recovery seed is an easy way to back up your wallet offline. As long as you keep it somewhere safe, you will be able to recover your coins. But if something happens and your seed is damaged or lost, you could be permanently locked out of your wallet.
Both multi-signature and multi-share systems provide fail-safes, so you can access your coins even if one key or share is lost, depending on the method you use. There are advantages to both, depending on the type of user.
Generally, an individual will find it more convenient to use a share-based backup, while businesses might benefit from enabling signatures from different stakeholders, each with a hardware wallet of their own.
Better backup for individuals: securely splitting a recovery seed
If you own some cryptocurrency as part of your savings or business portfolio, make sure it’s safely backed up. Most people know that their recovery seed should be kept somewhere private where no-one else can access it, but it is not enough to have your recovery seed stored in a bank vault, or simply stashed among some papers.
Both those approaches are common, but the first introduces the risk that someone at the bank might gain access to your vault or let it be seized by the government. The second could see your seed being destroyed, lost or stolen, and you may not even notice. Shamir protects against the above and more.
Security is not just about protecting your valuables from others, but also about preserving access to your assets over your lifetime. If you use Shamir backup, you will be safe in the knowledge that, even if someone at the bank reads your seed or your papers get thrown out, you will still be able to recover your coins.
How Shamir backup works
When you set up your Trezor Model T from factory defaults, Trezor Suite’s onboarding process will ask if you want to create a standard seed— one 12-word or 24-word list — or advanced seed, which lets you create multiple shares of 20 words. It uses Shamir backup, an open standard SatoshiLabs created in 2017, named after the famous cryptographer, Adi Shamir, as it uses his cryptographic methods to create the shares securely.
Using Shamir backup, a wallet can be restored by combining a set number of shares together. When you create the shares, you choose how many to make and how many will be needed to restore the wallet. For example, a wallet could be created that is backed up by a total of five shares, but allows you to recover it using just three shares.
With Trezor, you can choose to create up to sixteen shares and set a custom threshold from one to sixteen shares for recovery. This makes it a very versatile method that can be used for both business and personal custody.
Simply creating three shares and requiring a threshold of two will grant your seed an extra life for very little effort, but is still fairly fragile when you consider what Shamir is capable of.
The recommended setup for using Shamir backup is a three-of-five setup. Generate five shares and set a recovery threshold of three. This way, even in the unlikely event that two of your secure, private stashes are somehow compromised, your keys won’t be. By putting shares in different secure locations you can prevent anyone from getting hold of a threshold number of shares.
Do not try to split a normal recovery seed into parts or you might make it easier to crack your seed. Shamir backup does not become less secure if you lose shares until the threshold is met.
How to protect your coins through multi-signature
Managing Bitcoin custody in a traditional business setting can be daunting. To efficiently manage stakeholder access to institutional funds, many businesses are starting to use Trezor hardware wallets in a multisignature setup. Multisig, as it’s commonly known, shares some similarities with Shamir, in that it needs a threshold number of keys to be present for any funds to be signed and broadcast.
A multisignature wallet is created by presenting a number of existing keys (which can also be generated by Shamir backup) and cryptographically combining their signatures to generate a wallet that all of them control. To sign a transaction sent from that wallet, a certain number of signatures are needed.
To learn how to create a multisignature setup of your own, please refer to this guide by Saleem Rashid about using Trezor wallets with Electrum:
Multisignature makes it easy for businesses to hold Bitcoin
Corporate structures can make it impractical and insecure to have one person with sole access to currency reserves. By holding them in shared custody secured through multiple signatures, every transaction will require at least one co-signer to be present. This can eradicate any risk of rogue actors depleting company funds.
An easy way to understand the benefits of multisig is to imagine a typical company structure where there exists a CEO, CFO and a bank. The CEO and CFO both need to access and sign off on funds held by the bank. Before, this was a matter of trust and verification. With Bitcoin, it becomes a matter of verification alone.
The CEO and CFO can both hold a hardware wallet containing keys to multisig accounts. When both present their keys for a particular account, the funds can be unlocked and transferred. But if one loses their keys, it might cause problems, so introducing a third key held by a legal entity or a company board member provides redundancy if a key is lost or inaccessible.
This multisig structure can be scaled up as necessary, with more keys and even backup duplicate wallets. Doing so makes it easy to partition funds across departments, so the efficiency that Bitcoin brings to payments can be deployed very quickly across any organization through multisig.
Collaborative custody
There are ways to relieve some of the concerns related to how to manage cryptocurrency investments. One of these is to use a trusted service provider to hold one of the keys to a multisignature account, so they can provide a signature should one of your internal keyholders be unavailable. With only one key, the external keyholder is powerless until approached by a keyholder from within the company, so funds are kept secure at all times.
In a recent case study released by Unchained Capital, the benefits of using collaborative custody are illustrated by examples from their client, BlockYard Digital Assets Fund. Not only does this method provide an easy-to-access backup, but it introduces a trusted counter-signer which makes it convenient to carry out transfers efficiently while BlockYard retains full control over funds.
Two easy, effective ways to improve security
Multisignature and Shamir backup are not mutually exclusive. All keys, multisig or otherwise, should be safely backed up in a way that avoids a single point of failure, making Shamir indispensable. Keep it simple with a three-of-five recovery share threshold and protect your funds against future unknowns.
For individuals, a multisignature setup might be appealing, but in many cases it will be excessive. Managing multiple devices incurs a greater cost and introduces room for error. Setup, backup and maintenance of the devices can quickly become complex, making it a risk to security. Shamir backup offers a much simpler yet equally secure way to protect your funds without needing to have multiple hardware wallets.
For businesses, multisignature is a convenient and secure way to take custody of Bitcoin assets and have them used by different stakeholders. With each seed backed up using Shamir, a strategy for holding cryptocurrencies can be comfortably adapted to any corporate security policy, making it easy for businesses to invest in Bitcoin for the long-term. Trezor hardware wallets let any organization or individual get set up and secured in minutes.
