Multisig
Multisig (multi-signature) is a Bitcoin spending condition that requires multiple private keys to authorize a transaction. A common configuration like 2-of-3 means any 2 out of 3 designated keys must sign before funds can be moved.
How It Works
In a multisig setup, a Bitcoin script defines that M out of N keys must sign a transaction. The most common configuration is 2-of-3: three hardware wallets (such as COLDCARD) are set up as signers, and any two must approve a transaction for it to be valid. This protects against loss (one device can be destroyed and funds are still accessible) and theft (compromising a single device is not enough to steal funds).
Setting up multisig requires careful coordination. Each signing device generates its own keys, and the wallet descriptor — containing all public keys and the quorum configuration — must be backed up alongside each seed phrase. Losing the descriptor or forgetting the exact configuration can make recovery extremely difficult. Tools like Bitcoin Core, Sparrow, and Nunchuk simplify this process, but it still demands more technical competence than single-sig.
The trade-off with multisig is complexity in exchange for dramatically better security. You need multiple devices, multiple secure storage locations, and a clear recovery plan. For large holdings, this trade-off is absolutely worth it. A 2-of-3 multisig with devices stored in geographically separated locations is the gold standard for self-custody. Consider adding a passphrase to each key for an additional security layer.
Key Points
- Requires M-of-N keys to sign, eliminating single points of failure
- 2-of-3 is the most common configuration — balances security with practical recovery
- Wallet descriptors must be backed up alongside each seed phrase
- Geographic distribution of signing devices protects against physical threats
- Gold standard for securing significant bitcoin holdings in self-custody