Blog: EOS Block Producer Tips & News


Q&A - eosio.msig What Does Multi-Sig Do On An EOS Blockchain?

August 08, 2018 / by Alexandre Bourget

Alexandre gives an introduction to why multi-signature (msig) signing is a useful and powerful feature of the EOS blockchain that we should all know about. It helps to make things easier AND more secure.
Still have more questions? Join us on Telegram


So today we're going to talk about msig. About the eosio.msig account; multi signature.

Let's picture this. You're going out to the park and you want to gather signatures for a petition. So you have one sheet of paper, and then you go to the people, you walk to them, and then you say "write your name here." And you gather the signatures. So that's very good, but you need to walk, and you need to have a single piece of paper.

In the EOS world, let's say we want to have a transaction be signed by multiple parties. So what you can do, is you can  craft the transaction and then you put it on a USB key. So it's just a JSON file that says transfer from Alice to Bob a million bucks, whatever. And let's say that requires two signatures, because both the mother and father of Alice needs to sign, or something like that.

And so you'll take that JSON file, put it on a USB key, you'll bring that to the computer of Alice's mom and you'll say "please sign this." And you can take her signature - it's just a string of text there - and you can put it inside the USB key on the transaction, whatever stitch it there. And then you can walk to her father's computer and  say "please sign that transaction" (a million dollars remember) and then you'll collect that second transaction.

But that's really annoying, right? It's really physical, or you could do that by email. Send the transaction by email and copy/paste, and bring it back, it's all a little bit annoying. The msig contract allows you to do that on chain. You can take that transaction, you can send it to the msig contract, it's going to save the transaction on the blockchain, and you can require a few permissions to be gathered around. So you could say "I want those two persons to sign" and then you'll send them sort of a link, or whatever a pointer, to that proposed transaction. It's going to be under your namespace, and then it can go, and they can sign a transaction. They're going to say "I approve of that remote transaction." That's what's on chain.

And once you've gathered sufficient signatures, or approvals, anyone - you or whoever - can  submit that transaction to the blockchain to be executed. This is a nice feature of the chain. It's just one contract.

Some of you clever people might have noticed that msig is a privileged account. So the truth is that the signatures are not gathered on chain, but only the approvals. The signatures  are just discarded. And the way the contract is laid out is it saves the fact that this person gave its approval. And once approvals are given, the msig contract is able to execute the transaction without checking the signatures at that point. And because of the way the code is laid out, that's legit. And privileged accounts allow you to do that.

I've heard people  say "oh the msig allows you to impersonate and sign things on behalf of others." This is not true. The way that msig contract is laid out does not allow you to do that. There's something called SUDO that's in the works that could allow you to do impersonation. But msig on its own is a general purpose and a generic way for you to submit transactions to the chain and have other people from the comfort of their homes sign your transaction and approve it.

So I think it's a great security feature. I think it's also a great feature of EOS. The fact that we have that as a native contract is a great feature of the chain.

Topics: Video, English, EOS.IO blockchain, Education, multi signature, msig

Alexandre Bourget

Written by Alexandre Bourget

Alexandre lives through technology. He wrote his first botnet at 12, later graduated in classical piano and went on to a prolific career in software engineering, with notable open source contributions. Alexandre co-founded two startups, including Bitcredits (a bitcoin payments processor, FounderFuel 2014 Spring Cohort). He then helped PasswordBox (acquired by Intel) craft their data stack and ended up as a lead Data Scientist in the Intel Security Consumer division. Today, Alexandre is very active in the blockchain space, advising several early stage companies. Alexandre taught programming for many years. He does live-coding presentations like no one else (Confoo, PyCon conferences) and is the lead organizer of Golang Montréal. You’ll often find him on Telegram, working through lines of code and bugs with others, doing what he can to help build the EOS community.

How To Vote For EOS Canada

Vote for EOS Canada as a Block Producer with the user account:

Vote with - a command line tool for securely storing your private keys and casting your vote