Multisig Wallet: Protect Bitcoin in case of death or forgetfulness

UPDATE (April 2018): See footnote regarding Coinbase multisig vaults.* The feature will be retired this month, because it interferes with plans to improve support of Bitcoin forks.

Legacy Method of Inheriting Assets

Many Bitcoin owners choose to use a custodial account, in which the private keys to a wallet are generated and controlled by their exchange—or even a bank or stock broker. In this case, funds are passed to heirs in the usual way. It works like this…

An executor, probate attorney, or someone with a legal claim contacts the organization that controls the assets. They present a death certificate, medical proxy or power-of-attorney. Just as with your bank account or stocks and bonds, you have the option of listing next of kin and the proportion of your assets that should be distributed to each. These custodial services routinely ask you to list individuals younger than you and alternate heirs, along with their street addresses, in the event that someone you list has died before you.

Of course, Bitcoin purists and Libertarians point out that the legacy method contradicts the whole point of owning a cryptocurrency. Fair enough.

Multisig to the Rescue

Using multisig would be far easier, if wallet vendors would conform to standards for compatibility and embed technology into hardware and software products. Unfortunately, they have been slow to do so, and there are not yet widely recognized standards to assure users that an implementation is both effective and secure. But, there is some good news: It’s fairly easy to process your ordinary account passwords and even the security questions with a roll-your-own multisig process. I’ve done it using PGP and also using Veracrypt—two widely recognized, open source encryption platforms.

This short article is not intended as an implementation tutorial, but if the wallet vendors don’t jump up to home plate, I may release a commercial tool for users to more easily add multisig to their wallets. It really is safe, simple and effective. (If readers wish to partner with me on this? I estimate that it will take $260,000 and about six months).

What is Multisig and How Does it Protect your Wealth?

Multisig allows anyone with credentials to an account, wallet or even a locked safe to create their own set of rules concerning which combinations of friends and relatives can access their assets without the original owner. The owner sets conditions concerning who, when, how much and which accounts can be accessed — and the heirs simply offer passwords or proof of identity. If implemented properly, it doesn’t matter if some of the heirs have forgotten passwords or died before the original owner.

This can be illustrated in an example. I am intentionally describing a complex scenario, so that you consider a full-blown implementation. Although the ‘rules’ listed below appear to be complex, the process for creating the associated passwords is trivial.

The last 2 rules listed below do not use Multisig technology, but rather Smart Contracts. It enhances an owner’s ability to dictate terms. Here, then, is the scenario…

I want heirs to have access to my assets
at banks, brokers, exchanges or other ac-
counts–but only under certain conditions:

  • If any 4 of 11 trusted family and friends come together and combine their passwords (or an alternate proof-of-identity), they may access my wealth and transfer it to other accounts
    • But, if one is my husband, Fred, or my daughter, Sue, then only two trusted individuals are needed
    • —But not Fred and Sue together (At least one must be an outsider)
  • If any account has less than $2500, then it goes to my favorite charity, rather than the individuals I have listed
  • None of my accounts can be unlocked by my heirs, until I have not accessed them with my own password for 3 months. Prior to that, the Multisig will fail to gain access.

Again, the decedent’s wishes are complex, but executing and enforcing these rules is trivial. In my presentations, I describe the method on two simple PowerPoint slides. Even that short description is sufficient to show anyone who has used common cryptography apps to weave their own multisig add-on.

Of course, each individual will need to locate their own secret password, but a biometric or other conforming proof-of-identity can be substituted. Even if several survivors cannot recall their credentials, the multisig method allows other combinations of individuals to access the assets across all accounts.

This article may leave you wondering about the legal process—and this is where I agree with the Libertarian viewpoint: Sure! The courts have a process and heirs should document their access and decisions for tax purposes and to assure each other of fair play. But a key benefit of cryptocurrency and the disintermediation offered by the blockchain is the personal empowerment of access with impunity and without waiting for any legal process.

Let the courts to what they do, while you honor the wishes of your dearly departed.

If this article generates sufficient interest, I may prepare a short tutorial on how to split off your own Multisig passwords, regardless of which wallet or hosted services you use. It will work with any vendor, app or gadget —or— Perhaps, I will refine my homespun solution and offer it as an add-on app that can be used with any wallet, bank account or exchange. Simple, ubiquitous and effective multisig should have been available to even traditional banking customers years ago!

* History of Coinbase support for a multisig vault

Oct 29, 2014 — Coinbase adds Multisig Vault
                           Multisig rule: (3) private keys created. 2 are required to access coins:

  1. User Key
  2. Coinbase Key
  3. 2nd Coinbase Key but only user has passsword

Aug 31 2017 — No more NEW Multisig vaults

April 19 2018 — Sunset of Multisig vaults (and announced earlier, on Mar 20)

Sunset on Multisig vaults: They make it difficult to support forks. A new tool will still support withdrawls after multisig vaults are retired.

Ellery Davies co-chairs CRYPSAhosts the Bitcoin Event and presents at Crypto Conferences around the world. Book a presentation or consulting engagement.

Passfaces: Strong authentication for the masses

This week, Google is pursuing hardware-based schemes for user-authentication, while Apple has just added two factor authentication to iCloud and Apple ID users, sending a verification code to a mobile number that you register in advance.

Security pundits know that two factor authentication is more secure than simple passwords. As a refresher, “Factors” are typically described like this:

  • Something that you know (a password — or even better, a formula)
  • Something that you have (Secure ID token or code sent to cell phone)
  • Something that you are (a biometric: fingerprint, voice, face, etc.)

The Google project may be just another method of factor #2. In fact, because it is small (easily misplaced or stolen), it simplifies but does not improve on security. I suggest a radical and reliable method of authentication. It’s not new and it’s not my idea…


Back in 1999, Hugh Davies (no relation to Ellery) was awarded a patent on a novel form of access and authentication. It capitalizes on the human ability to quickly pick a familiar face out of a crowd. Just as with passwords, it uses something that you know to log in, purchase, or access a secure service. But unlike passwords, the “combination” changes with every use, and yet the user needn’t learn anything new.

Hoping to commercialize the technique, Davies joined another Brit, Paul Barrett, and formed Passfaces (originally, Real User Corporation). Incidentally, it is quite difficult to research Passfaces and its history. Web searches for “face recognition”, “access”, “authentication” and “patent” yield results for a more recent development in which a smart phone recognizes the face of authorized users, rather than users recognizing familiar faces. (Google, Samsung and Apple are all beginning to use face recognition on mobile devices). In fact, the Passfaces method is quicker, uses less resources and is far more reliable.

I have long been disappointed and surprised that the technique has never caught on. It is a terrific method with few drawbacks. Used alone, it is better than other methods of 1 or 2 factor authentication. Add a second factor and it is remarkably secure and robust.

How it Works:

Passfaces-1When accessing or authenticating (for example, logging into a corporate VPN or completing a credit card purchase), you are presented with a tiled screen of individual faces. I prefer a big 15×5 grid = 75 images, but Passfaces uses sequential screens of just 9 faces arranged like the number pad on an ATM.

Just click on a few familiar faces. That’s all! Oddly, Passfaces discourages the use of known faces. Their research, with which I respectfully disagree, suggests that users should train themselves to recognize a few faces from the company’s stock library. In my preferred embodiment, users upload a dozen photos of people they know at a glance—preferably, people that they knew in the past: A 3rd grade music teacher, a childhood friend who moved away, the face on an oil painting that hung in the basement until Dad tossed it in the fireplace. Now, add the boss who fired you from your first job, the prom queen who dumped you for a football jock, and that very odd doorman who stood in front of a hotel in your neighborhood for 20 years. Photos of various quality and resolution, but all scaled to fit the grid. Some are black & white, perhaps scanned from an old yearbook.

Using my preferred example of 75 faces, suppose that 5 or 6 of the images are from your personal shoe box of old photos. The rest are randomly inserted from all over the internet. How long would take you to click on 3 of the 5 or 6 familiar faces in front of you? (Remember: They are old acquaintances. Even a spouse would have difficulty picking out 3 faces from your early life—as they looked back then). Surprise! You will click them instantly, especially on a touch screen. You won’t need even a second to study the collage. They jump off the screen because your brain perceives a familiar face very differently and faster than anything else.

Of course, the photo array is mixed in different ways for each authentication and it incorporates different friends from your original upload. In fact, if a user sees the same faces in the next few transactions, it is a red flag. Someone has spied on the process, perhaps with a local camera or screen logger. In legitimate use, the same faces are not recycled for many days and are never shown together on the same screen.

Facebook uses a variant of this technique when their servers sense your attempt to login from new equipment or from another part of the country. They show you individuals that you have friended, but that were uploaded and tagged by other users. If you cannot identify a few of your own friends, especially the ones with which you have frequent social contact, than it’s likely that your login attempt deserves more scrutiny.

I don’t know why Passfaces or something like it has failed to catch fire. Perhaps the inventor refuses to license the method at reasonable cost or perhaps he cannot find a visionary VC or angel consortium to more aggressively promote it. If I had invented and patented facial-array authentication, I would attempt to market the patent for a short time focusing on very large network companies like Microsoft, Google, Cisco or Akamai. If I could not license or sell the patent quickly, I would hesitate to go it alone. (I have tried that route too many times). Instead, I would place it in the public domain and profit by being the first, and most skilled practitioner at deployment. I would train and certify others and consult to organizations that use or commercialize the technology.

saira.maskI used this approach in promoting my own patent which describes an economic barrier to spam (after failing to exploit the invention with my own company). Later, I started with this approach in my research on Blind Signaling and Response and on Reverse Distributed Data Clouds. I recognized that rapid adoption of transformative technology like facial grid authentication, can be thwarted by defensive IP practice.

« Branching somewhat off topic, a developmental biologist at Imperial College in London, has published a proof that Saira Mohan has the world’s most beautiful face, irrespective of the observer’s race. That’s Saira at left. Her mother is French/Irish and her father is Hindoo.

Ellery consults to cloud storage vendors in areas of security, privacy & network architecture. He has no direct ties to the authentication community.