How does a multisig wallet work?

A multisig wallet uses an M-of-N configuration, where N is the total number of key holders and M is the minimum number of signatures required. For example, a 2-of-3 multisig has 3 key holders and requires any 2 of them to sign before a transaction can execute. One signer proposes a transaction, then other signers review and co-sign until the threshold is met.

Why do DAOs use multisig?

DAOs use multisig wallets to manage treasury funds because they enforce collective decision-making. No single person can unilaterally move funds — a majority of elected or appointed signers must agree. This provides accountability, reduces theft risk, and aligns with the decentralized governance principles that DAOs are built on.

Is multisig safer than a regular wallet?

In most scenarios, yes. A multisig wallet eliminates the single point of failure inherent in regular wallets. If one key is lost, stolen, or compromised, the attacker still cannot move funds without the other required signatures. However, multisig adds complexity — if not enough signers are available, funds can become inaccessible.

What is a 2-of-3 multisig?

A 2-of-3 multisig is a wallet controlled by 3 private keys where any 2 of the 3 must sign to authorize a transaction. This is the most common multisig configuration for personal use: you might store 3 keys in different locations, and if one is lost or compromised, the remaining 2 can still access and move your funds.

What is the difference between multisig and MPC?

Multisig requires multiple separate keys to sign a transaction, with each signature visible on-chain. MPC (Multi-Party Computation) splits a single key into shares distributed among multiple parties — no single party ever holds the complete key, and the transaction appears as a normal single-signature transaction on-chain. Both solve the same problem (removing single points of failure) but use fundamentally different cryptographic approaches.

What Is a Multisig Wallet? Multi-Signature Security Explained

Q: What is a multisig wallet?

A multisig (multi-signature) wallet is a cryptocurrency wallet that requires multiple private keys to authorize a transaction. Instead of one person controlling the funds with a single key, a multisig wallet requires agreement from several key holders before any funds can be moved.

How multisig works: the M-of-N model

Every multisig wallet is defined by an M-of-N configuration, where N is the total number of key holders and M is the minimum number of signatures required to authorize a transaction. The process works as follows:

Setup. The multisig wallet is created with N designated signers, each holding their own private key. The threshold M is set at creation — this is the minimum number of signatures needed to move funds.
Proposal. When someone wants to send funds, one signer creates and signs a transaction proposal. This proposal does not execute immediately — it waits for additional signatures.
Co-signing. Other signers review the proposed transaction. Each signer who agrees adds their signature. Once M signatures have been collected, the threshold is met.
Execution. With enough signatures collected, the transaction is executed on-chain and funds are moved. If the threshold is never reached, the transaction remains pending or is eventually rejected.

Common multisig configurations

Configuration	Typical use case	How it works
2-of-3	Personal security	3 keys stored in different locations. Any 2 can move funds. If one is lost, you still have access.
3-of-5	Teams and DAOs	5 team members hold keys. A majority of 3 must agree on every transaction. Prevents any minority from acting alone.
5-of-9	Protocol treasuries	9 community-elected signers. A supermajority of 5 is required. Used for high-value treasuries where broad consensus is essential.

Use cases for multisig wallets

Personal security

You hold 3 keys stored in different physical locations — perhaps one at home, one in a bank safe, and one with a trusted family member. If one key is lost or compromised, the other two can still authorize transactions. There is no single point of failure, and no single theft event can drain your funds.

Business and team funds

A company treasury might require the CFO and CEO to both sign before funds move. No individual employee can unilaterally spend company crypto. This mirrors the dual-signature checks that traditional businesses have used for decades.

DAO treasuries

Decentralized organizations use multisig to manage community funds. Protocol treasuries worth millions or billions of dollars are controlled by community-elected signers. Major spending decisions require majority agreement, aligning fund management with the DAO's governance principles.

Custody services

Some custodial services use multisig where the user holds one key and the custodian holds another. Neither party can move funds independently. This hybrid model gives the user more control than pure custodial storage while still providing professional key management.

Major multisig solutions

Safe (formerly Gnosis Safe)

Safe is the dominant multisig solution on Ethereum and EVM-compatible chains. It is used by major DAOs, DeFi protocols, and institutional investors, managing hundreds of billions of dollars in collective assets. Safe operates as a smart contract deployed on-chain: you interact with it through a web interface, propose transactions, and collect signatures from co-signers. It supports any ERC-20 token, NFTs, and complex DeFi interactions. Nearly every major protocol treasury on Ethereum runs through a Safe.

Squads

Squads is the leading multisig platform on Solana, providing similar functionality to Safe but built natively for the Solana ecosystem. Teams and DAOs on Solana use Squads to manage treasuries, program upgrades, and operational funds with multi-signature security.

Bitcoin native multisig

Multisig capability is built directly into the Bitcoin protocol. Bitcoin multisig addresses typically begin with "3" (P2SH format) or "bc1" (native SegWit format). Unlike Ethereum-based multisig wallets, which are smart contracts, Bitcoin multisig is enforced at the script level within the protocol itself. Several dedicated Bitcoin multisig services — including Unchained, Casa, and Nunchuk — offer user-friendly interfaces for setting up and managing Bitcoin multi-signature wallets.

Advantages of multisig

No single point of failure. The fundamental benefit. No single lost, stolen, or compromised key can result in loss of funds, as long as the threshold is not breached.
Theft protection. An attacker who compromises one key cannot move funds. They would need to independently compromise M keys — a dramatically harder task.
Governance and accountability. Multisig enforces collective decision-making. Every transaction is visible to all signers, and no individual can act unilaterally. This creates a natural audit trail.
Recovery from key loss. If you lose one key in a 2-of-3 setup, the remaining two keys can still move funds to a new wallet. This is a critical advantage over single-key wallets, where losing the key means losing everything.

Disadvantages and trade-offs

Slower transactions. Every transaction requires coordination among multiple signers. A simple transfer that takes seconds with a regular wallet might take hours or days as you wait for co-signers to review and approve.
More complex setup. Creating a multisig wallet, distributing keys, and establishing signing procedures requires more technical knowledge and coordination than setting up a standard wallet.
Gas costs. On Ethereum and other EVM chains, multisig transactions involve smart contract interactions that consume more gas than simple transfers. Each additional signature adds to the cost.
Availability risk. If not enough signers are available — due to lost keys, unresponsive team members, or disagreements — funds can become effectively locked. A 3-of-5 multisig where 3 signers lose their keys means the remaining 2 cannot access the funds, ever.

Multisig in DeFi protocols

Beyond wallet security, multisig plays a central role in DeFi protocol governance. Many protocols use multisig wallets for administrative functions: upgrading smart contracts, adjusting protocol parameters (interest rates, collateral ratios), pausing operations in emergencies, and managing treasury funds.

The configuration of these multisig wallets directly affects the protocol's sovereignty risk. A protocol controlled by a 2-of-3 multisig with anonymous signers is very different from one with a 5-of-9 multisig with known, public signers. The former concentrates control among a small, unaccountable group. The latter distributes power and creates accountability. When evaluating any DeFi protocol, the multisig setup — who the signers are, how many are required, and whether they are publicly known — is one of the most important security considerations.

Multisig vs MPC wallets

Multi-Party Computation (MPC) is an alternative approach to the same fundamental problem: eliminating single points of failure in key management.

Factor	Multisig	MPC
How it works	Multiple separate keys each sign the transaction independently	A single key is split into shares — no party ever holds the complete key
On-chain footprint	Multiple signatures visible on-chain; uses a smart contract (on EVM chains)	Appears as a normal single-signature transaction on-chain
Gas cost	Higher (smart contract interaction, multiple signatures)	Standard (looks like a regular transaction)
Key reconstruction	Keys are independent — no single key is ever assembled from parts	Key shares are combined in a cryptographic computation without reconstructing the full key
Used by	DAOs, teams, personal security (Safe, Squads)	Institutional custodians (Fireblocks, Coinbase, etc.)

Both approaches are valid solutions to key management security. Multisig is more transparent and battle-tested in the DeFi world. MPC is favored by institutional custodians for its lower on-chain costs and privacy. For most individual users and DAOs, multisig remains the more accessible and widely supported option.

Viewing multisig wallet portfolios with CleanSky

Multisig wallets like Safe are smart contracts deployed at regular blockchain addresses. CleanSky can read any multisig wallet address the same way it reads any other address — paste the Safe address or any other multisig contract address and see all tokens, DeFi positions, and protocol exposures in one organized view. Whether the address belongs to a personal hardware wallet, a hot wallet, or a multi-signature contract, CleanSky treats it the same: a complete, read-only portfolio analysis with no wallet connection required. For more on how addresses work, see our guide on crypto addresses.

For teams and DAOs, this means you can monitor your multisig treasury without connecting the Safe interface — just paste the address and get a full breakdown of holdings, DeFi positions, and risk exposure. Learn more about evaluating protocol and portfolio risks in our staying safe guide.

Analyze any multisig wallet — see all tokens, DeFi positions, and risk exposure in one view.

Try CleanSky Free →