Alexandre gives an introduction to why multi-signature (msig) signing is a useful and powerful feature of the EOS blockchain that we should all know about. It helps to make things easier AND more secure.
Still have more questions? Join us on Telegram
So today we're going to talk about msig. About the eosio.msig account; multi signature.
Let's picture this. You're going out to the park and you want to gather signatures for a petition. So you have one sheet of paper, and then you go to the people, you walk to them, and then you say "write your name here." And you gather the signatures. So that's very good, but you need to walk, and you need to have a single piece of paper.
In the EOS world, let's say we want to have a transaction be signed by multiple parties. So what you can do, is you can craft the transaction and then you put it on a USB key. So it's just a JSON file that says transfer from Alice to Bob a million bucks, whatever. And let's say that requires two signatures, because both the mother and father of Alice needs to sign, or something like that.
And so you'll take that JSON file, put it on a USB key, you'll bring that to the computer of Alice's mom and you'll say "please sign this." And you can take her signature - it's just a string of text there - and you can put it inside the USB key on the transaction, whatever stitch it there. And then you can walk to her father's computer and say "please sign that transaction" (a million dollars remember) and then you'll collect that second transaction.
But that's really annoying, right? It's really physical, or you could do that by email. Send the transaction by email and copy/paste, and bring it back, it's all a little bit annoying. The msig contract allows you to do that on chain. You can take that transaction, you can send it to the msig contract, it's going to save the transaction on the blockchain, and you can require a few permissions to be gathered around. So you could say "I want those two persons to sign" and then you'll send them sort of a link, or whatever a pointer, to that proposed transaction. It's going to be under your namespace, and then it can go, and they can sign a transaction. They're going to say "I approve of that remote transaction." That's what's on chain.
And once you've gathered sufficient signatures, or approvals, anyone - you or whoever - can submit that transaction to the blockchain to be executed. This is a nice feature of the chain. It's just one contract.
Some of you clever people might have noticed that msig is a privileged account. So the truth is that the signatures are not gathered on chain, but only the approvals. The signatures are just discarded. And the way the contract is laid out is it saves the fact that this person gave its approval. And once approvals are given, the msig contract is able to execute the transaction without checking the signatures at that point. And because of the way the code is laid out, that's legit. And privileged accounts allow you to do that.
I've heard people say "oh the msig allows you to impersonate and sign things on behalf of others." This is not true. The way that msig contract is laid out does not allow you to do that. There's something called SUDO that's in the works that could allow you to do impersonation. But msig on its own is a general purpose and a generic way for you to submit transactions to the chain and have other people from the comfort of their homes sign your transaction and approve it.
So I think it's a great security feature. I think it's also a great feature of EOS. The fact that we have that as a native contract is a great feature of the chain.