What we call a Bitcoin is simply an unspent, signed transaction on the blockchain. (Technically called a UTXO, for Unspent Transaction (TX) Output.)
When you say you own such many Bitcoins, it means one or more transactions were signed, using private keys, directing a certain number of Bitcoins to your address.
How this signature process works, and the concept of multisignature systems, are the topics of this post where we look at the basics of asymmetric cryptography.
This ELI5 article is targeted at the investor or crypto hobbyist. To make it as simple as possible, we avoid the math and complicated technicalities as much as possible.
Cryptography has always been about hiding information in plain sight. Ancient soldiers would tattoo coded messages on their skin and then attempt to cross enemy lines to deliver the messages to allies on the other side of a battlefield. Many times they were captured, tortured and their secrets revealed. Other times they would get through and deliver the valuable intelligence.
Cryptography has always been tied to the military since its very first use was as a weapon of war. Today, we see cryptography as an instrument for privacy, for electronic commerce and, of course, for cryptocurrency systems, but it wasn’t always like that. The main point to know about cryptography is that it always involved a secret that would open the coded message up. This is called symmetric cryptography, and the symmetry lies in the key used to open the message: the same secret used to encode the message on one side of the battlefield was used to decode it on the receiver side.
Fast forward past tons of cryptographic history and in the 1970’s some really bright mathematicians, from both in the UK and USA, invented a system where the keys used to encode and decode messages were different. This was a revolutionary concept that allowed people who had never met to exchange secure messages. All they had to do was exchange a non-secret and then they could use a secret to exchange messages safely. This was an absolutely ground breaking discovery which sent shockwaves across the intelligence community.
Then came the decade of 2000 and a guy called Satoshi decided to use this military-grade technology as part of an interesting experiment called Bitcoin. In Bitcoin, instead of using the public and the secret part of the cryptographic keys to sign secret messages, asymmetric cryptography was used to say “hey, this transaction really is mine”. Receivers of coins could make their public key known through something called a “Bitcoin address”. And there you have it: public key cryptography brilliantly applied to digital money transfers.
All this is fine and dandy, but what about a corporate Bitcoin address that must be managed by several executive board members? Maybe the governance rules state that any financial transfer must be signed by at least 3 members of the board. Maybe there’s been a revolution and the founding fathers of the cryptocurrency age need to sign a new constitution for Cryptopiland. How do you make the multiple signature requirement work with a public key cryptography system?
Multisignature systems employ principles of public key cryptography to enable a secret to be decoded only when a certain number of secret key signatures are present. In the simplest system, the private key is split in 2 or more pieces and therefore the original key can only be put together if everyone agrees. This has an obvious problem: if any of these people lose their chunk of the key then nobody else can decode the whole key again.
There are several strategies to split a secret among a group of people. Some people could receive redundant piece of the private key, so signatures can be performed without everyone present. Also, by including some overlap between keys there is an implicit backup in case one of the members loses his secret data. Sophisticated mathematical ideas were also developed by cryptographers who developed multisignature systems based on properties of polynomials, geometry and number theory, all of which extrapolate the scope of this introductory article but which are based on similar ideas: the secret can be encoded in polynomials, geometric shapes and using prime numbers and at a certain point it becomes possible for parts of these mathematical structures to be put together and rebuild the original secret.
Multisignature wallets have proven to be secure and reliable over the years. In case of Bitcoin, some multisignature addresses hold billions of U$ safely. For instance, address 3D2oetdNuZUqQHPJmcMDDHYoqkyNVsFk9r holds over 175,000 Bitcoins (~U$ 1.3 billion) as of this writing (May 2018). For this address to spend its Bitcoins it requires 3 signatures from a group of 6 people, each of which are entitled to more than 200 million dollars in BTC (this is the Bitfinex exchange’s cold wallet address).
The Bitcoin Wiki presents many interesting applications of multiaddress Bitcoin signatures.
We hope this brief tour through cryptographic history and the art of splitting of secrets has given you a better idea about multisignature systems!
Handbook of Applied Cryptography – Chapter on Signatures
Understanding Cryptography Book
New Directions in Cryptography [Historic Paper by Diffie & Hellman]
How Does Public Key Encryption Work?
A Deep Dive on End-to-End Encryption: How Do Public Key Encryption Systems Work?