I would say I’m generally a jovial person, but if I woke up and realized I’d lost 7500 Bitcoins, I would encourage the rest of the world to back away slowly without making any sudden movements. Fortunately for the public good this hasn’t happened to me, but it did happen to an unfortunate fellow named Jeremy Howells. He became semi-notorious in the Bitcoin community for accidentally disposing of his hard drive with the keys to all his Bitcoins on it.
We’re still in the early stages of Bitcoin’s life cycle, and five years is like the blink of an eye in currency-years. There is a strong trend toward mass adoption (5 million wallets growing 8x year over year, according to Mary Meeker’s annual report), but we’re not there yet. As things currently stand, there’s a fundamental disconnect in usability and control. You can choose to keep your private keys yourself in what is known as a client-side wallet, or you can hand them over to another party that stores them for you in a web wallet. When you do the latter, you’re trusting that they are taking appropriate security measures, and keeping at least the majority of your Bitcoins in cold storage. Unfortunately, Mt. Gox and other recent fiascos prove that this isn’t always the case, which is why the safest thing to do is probably to diversify your holdings by using a variety of wallets so if one gets hacked, you don’t lose everything.
You probably like things to be easy; most people do. Many users simply don’t want the headache of thinking about security, which is the appeal of a full-service solution that stores your private keys for you. The issue is problematic for more advanced or tech-savvy users, who generally want a heightened degree of security without sacrificing the ability to keep control of their assets.
Conveniently enough, the Bitcoin protocol can accommodate such a tall order. Pay to Script Hash (P2SH) is a type of Bitcoin address that was introduced as part of Bitcoin Improvement Proposal 16 (also known as BIP 16), as of early 2012. P2SH addresses can be secured using a more complex algorithm than standard addresses and involve the use of multiple Elliptic Curve Digital Signature Algorithm (more commonly known as ECDSA) keys, rather than only one.
Multi signature wallets allow users to maintain direct control over their Bitcoins while also removing some of the security burden from them. In the event that one of their private keys is lost or stolen, it’s no longer a catastrophe. The concept in m-of-n signature schemes is fairly simple, at least at an abstract level—in order to complete a transaction, more than one private key (m) is needed out of a total number generated (n). In a 2-of-3 scenario, you would need two out of a total of three keys to withdraw money, but the process for deposits is the same as it would be for a standard address. You can then approach distributing and storing the keys in various ways. You could hold one key, you could give one (the backup) to a trusted friend or relative, or even store it yourself in a different location from the “main” key, and the third key would be held by yet another party, such as the company offering the service. (BitGo) is at the forefront of implementing multisig addresses, so I recommend you check them out.
It’s significantly harder for someone to steal two private keys than one, which adds an additional safety net against theft, both physical and digital. It’s more secure than a traditional digital signature setup, and it also offers more protection from human error. If I accidentally go into spring cleaning overdrive and toss out my hard drive with my private keys on it, I can still access my Bitcoins using the backup key.
The reason I like multi signature addresses and wallets is that unlike having a vault that is simply insured, they use technology to secure the coins. It’s an actual advancement in the protocol that permits this type of address to be created and used. Insurance does not actually solve the problem of loss or theft—it merely corrects the wrong after the fact. It’s more bandaid than preventative care. It does not offer an advance in technology, as the burden falls on the insurance company; there’s no real gain over insuring a gold ingot, for example. I have no doubt that insurance covering Vitcoin assets will become industry standard in the next few years, but if Bitcoin ends up requiring all the same cumbersome financial infrastructure as the current system, we will have gone full circle while making little real progress.
I’ve really only looked at the application of multisignature transactions and wallets for security purposes here, but they can also be applied to escrow and transactions involving digital payment for physical goods. They can also be used in institutional or company settings, where more than one person is needed to sign off on something before funds can be released, for instance. The other applications deserve their own post so I’ll address them at a later date.