Multisig, short for multi-signature, is a Bitcoin security configuration that requires M-of-N private keys to sign and authorize a transaction. For example, a 2-of-3 multisig requires any two of three designated private keys to sign before funds can move. This removes the single point of failure that every standard single-key wallet has - no one stolen or lost key can compromise your funds.
Standard Bitcoin wallets rely on one private key. If that key is lost, corrupted, or stolen, the outcome is simple and permanent: the funds are gone or accessible to an attacker. Multisig was designed to solve this problem. By distributing signing authority across multiple keys - and requiring a minimum threshold to be met before any transaction is valid - multisig introduces redundancy without sacrificing security. It is used by individuals protecting significant savings, companies managing shared Bitcoin treasuries, and escrow arrangements where no single party should have unilateral control.
The M-of-N Model Explained
The defining feature of any multisig setup is the M-of-N threshold. N is the total number of keys that are part of the multisig. M is the minimum number of those keys that must sign to authorize a spend. This simple relationship creates a range of security configurations depending on how M and N are set.
| Setup | Keys Required to Sign | Keys That Can Be Lost | Common Use Case |
|---|---|---|---|
| 1-of-2 | 1 of 2 | 1 | Convenience redundancy (not high security) |
| 2-of-3 | 2 of 3 | 1 | Personal self-custody, small businesses |
| 3-of-5 | 3 of 5 | 2 | Corporate treasury, inheritance setups |
| 2-of-2 | 2 of 2 | 0 | Two-party escrow (both must agree) |
The 2-of-3 setup is by far the most widely used configuration for personal Bitcoin custody. It threads the needle between security (no single key compromise can drain funds) and resilience (one key can be lost without losing access).
Why Multisig Matters for Security
The primary threat to a single-key Bitcoin wallet is that it has exactly one failure mode: lose or expose the key, and everything is gone. That single point of failure is true whether the key is on a hardware wallet, written on paper, or stored in software. Physical theft, a house fire, a flood, or a sophisticated phishing attack can all result in permanent loss.
Multisig eliminates that by requiring an attacker (or an accident) to compromise multiple keys - and those keys are typically stored in different locations on different devices. The attacker would need to breach your home hardware wallet, your bank safety deposit box copy, and a device held by a trusted family member - all without being detected before you move funds. That is a materially harder attack surface than a single key.
For inheritance planning, multisig also provides a structured path to hand off Bitcoin. A 2-of-3 where one key belongs to an estate attorney, one to the owner, and one to a beneficiary means funds can be recovered after death without requiring the beneficiary to obtain the owner's personal key during their lifetime.
Use Cases for Multisig
Multisig is not just for large holdings. Any situation where single-key risk is unacceptable benefits from a multisig structure.
Personal Self-Custody
Individuals with significant Bitcoin savings use 2-of-3 to protect against hardware wallet failure, theft, and loss while maintaining sole control.
Corporate Treasury
Companies holding Bitcoin on their balance sheet use 3-of-5 or similar setups to prevent any single employee from unilaterally moving funds.
Escrow Arrangements
A 2-of-3 with a neutral third-party arbitrator allows buyer and seller to transact peer-to-peer - the arbitrator only signs if there is a dispute.
Inheritance Planning
A carefully structured multisig allows heirs to recover Bitcoin after death without giving them access during the owner's lifetime.
How a Multisig Transaction Works
When you create a multisig wallet, the wallet software combines the public keys of all N participants to generate a special Bitcoin address locked by a script - specifically a Pay-to-Script-Hash (P2SH) or the more modern Pay-to-Witness-Script-Hash (P2WSH) address. This address looks like any other Bitcoin address from the outside.
When you want to spend from the multisig, you create a partially-signed Bitcoin transaction (PSBT). The PSBT is passed to each required signer, who adds their digital signature with their private key. Once M signatures are collected and the transaction is fully signed, it can be broadcast to the Bitcoin network. The network verifies that the required number of valid signatures are present against the script before confirming the transaction.
The keys never need to be in the same place or connected to the same device at the same time. Each signer can review and sign the transaction independently - on their own hardware wallet, in their own location - before the completed transaction is assembled and broadcast. This is what makes multisig viable for geographically distributed teams and security-conscious individuals who do not want any signing key to ever touch an internet-connected device.
Tools and Wallets That Support Multisig
Several high-quality Bitcoin wallets and custody services make multisig setup accessible even for non-technical users.
- Sparrow Wallet - A free, open-source desktop wallet with comprehensive multisig support. Sparrow allows you to set up your own 2-of-3 or any other configuration using multiple hardware wallets. It is the most popular choice for self-custodied multisig among technically informed Bitcoiners.
- Casa - A Bitcoin security company that specializes in multisig custody for individuals. Casa's service includes guided setup, key recovery assistance, and a mobile app that works with hardware wallets. Well-suited for users who want multisig without managing the coordination themselves.
- Unchained Capital - Offers collaborative custody, where Unchained holds one key in a 2-of-3 setup while the user holds two. This means neither party alone can move the funds, but Unchained can assist with recovery if the user loses a key.
- Electrum - One of the oldest Bitcoin wallet clients, Electrum has had multisig support for years and remains a capable option for users comfortable with more technical setup processes.
For most individual users who are new to multisig, starting with Sparrow Wallet and two hardware wallets (such as a Coldcard and a Trezor) gives strong security with full self-custody and no third-party dependency.
Learn Bitcoin The Visual Way
Bitcoin From Scratch covers private keys, wallets, and self-custody in plain language backed by 3D animation. 34 lessons - from the history of money all the way to the Lightning Network.
Get Bitcoin From Scratch - $97Frequently Asked Questions
What is multisig in Bitcoin?
Multisig, short for multi-signature, is a Bitcoin security feature that requires more than one private key to authorize a transaction. Instead of a single key controlling a wallet, multisig sets up an M-of-N rule: M keys must sign out of a total of N keys. For example, a 2-of-3 multisig requires any two of three designated keys to sign before funds can move.
How does a multisig wallet work?
A multisig wallet is created by combining the public keys of all participating signers into a special Bitcoin script. When someone initiates a transaction, it is passed to each required signer, who signs it with their private key. Once the required number of signatures are collected, the transaction is complete and can be broadcast to the Bitcoin network for confirmation.
What is a 2-of-3 multisig?
A 2-of-3 multisig setup creates three private keys, any two of which are sufficient to authorize a transaction. This is the most popular configuration because it eliminates single points of failure - you can lose or damage one key and still access your funds - while ensuring that any single compromised key cannot be used to steal funds without a second key.
Is multisig safer than a regular wallet?
For significant amounts of Bitcoin, yes. A standard single-key wallet is vulnerable at one point: if that key is lost, stolen, or compromised, the funds are gone or accessible to the attacker. Multisig distributes that risk. An attacker must compromise multiple keys - typically stored in separate locations or devices - to steal funds.
What happens if I lose one key in a multisig?
In a 2-of-3 multisig, losing one key does not prevent you from accessing your funds. You still have two keys, which meets the signing requirement. You should regenerate the lost key and refresh your setup as soon as possible to restore your safety margin. In a 3-of-5, you can tolerate losing up to two keys before access is at risk.