Multi-Signature Wallet
A multi-signature wallet (multisig) is a cryptocurrency wallet that requires approval from multiple private keys before a transaction can be executed, distributing control over funds across multiple parties or devices and eliminating the single-point-of-failure risk associated with standard single-key wallets.
Standard cryptocurrency wallets are controlled by a single private key: whoever possesses that key can sign transactions unilaterally and move all funds in the wallet without any other authorization. This simplicity is powerful but creates extreme concentration of risk — key theft, loss, or coercion targeting a single keyholder can result in total loss of funds. Multisig wallets solve this by requiring a defined threshold of multiple keys to sign any outgoing transaction.
The most common configuration is M-of-N multisig, meaning that any M keys out of a set of N designated keys must jointly authorize a transaction. A 2-of-3 multisig requires any two of three keyholders to sign, providing both security (an attacker must compromise two independent keys) and redundancy (one keyholder losing their key does not freeze funds). Typical configurations include 2-of-3 for personal wallets or small teams, 3-of-5 or 4-of-7 for protocol treasuries where more signers provide greater decentralization, and 5-of-9 or higher for large on-chain treasuries managed by DAOs with institutional participants.
Safe (formerly Gnosis Safe) is the dominant multisig wallet infrastructure on Ethereum and EVM-compatible chains, securing billions in value across DeFi protocols, DAO treasuries, and institutional crypto custodians. Its smart contract architecture allows arbitrary transaction execution, not just simple token transfers — multisig signers can jointly call any function on any contract, making it the standard tool for protocol upgrades, treasury deployments, and parameter changes that require multi-party authorization.
Multisig is a foundational security practice for DeFi protocols. A protocol that can be upgraded or drained by a single developer key is categorically more risky than one protected by a multisig with a time delay (a timelock). A timelock adds another layer of security by requiring that approved transactions wait for a specified period — often 24 to 72 hours — before execution, giving the community time to detect and respond to malicious or mistaken proposals before they take effect.
From a regulatory standpoint, multisig arrangements that involve multiple parties controlling funds on behalf of others may implicate money transmission and custody regulations in the United States. The OCC, FinCEN, and state regulators have examined the custody question in the context of qualified custodian rules for investment advisers holding client crypto assets. For institutional participants navigating US regulatory requirements, the custody structure of multisig arrangements — particularly whether any single party can unilaterally move funds — is a legally material question in determining applicable regulatory obligations.