
Multisig

serjonya-trili edited this page Feb 1, 2024 · 6 revisions

Multi-signature account (Multisig)

What is a multisig contract?

A Multisig (multiple-signature) contract is a smart contract that requires multiple valid signatures to execute actions.
This is useful for avoiding single points of failure for contracts holding substantial amounts of tez or other tokens.
Multisigs also divide responsibility for contract execution and key management between multiple authorized parties, and prevent the loss of a single private key from leading to an irreversible loss of funds.

Multisigs behave similarly to implicit accounts, except that they implement an M-of-N requirement. M of N (where M ≤ N, and N ≥ 1) represents the threshold of the wallet, with M being the required number of signatures or keys to execute actions and N being the total number of signatures or keys involved. For instance, a 2 out of 4 multisig requires two out of four possible valid signatures. This means the funds are still retrievable even if two signatures are lost. It also means that the majority of key-holders must agree and sign in order for the contract to execute actions.

Glossary

  1. Proposer - a person who is:
    • listed as one of the proposers in the Multisig
    • proposing a new transaction to be performed
  2. Approver* - a person who:
    • is listed as one of the proposers in the Multisig
    • can approve proposals
  3. Threshold - how many approvals a proposal must get before it can be executed. It is always ≤ the number of approvers.
  4. Pending operations - proposed operations that are waiting to be either approved or executed, depending on how many approvals they have received so far
  5. Approval - a contract call which increases the number of approvals for a pending operation
  6. Execute - a contract call which executes a pending operation (it's disabled until the operation gets enough approvals)
  7. Contract Fee Payer** - a person who pays the fee for the Multisig contract origination. Can be, but doesn't have to be, one of the approvers.

(*) all approvers are also proposers

(**) all the fees, except for the Multisig contract origination, are paid by the approvers/proposers

Example workflow

  1. A proposer proposes a transaction to be performed on behalf of the Multisig.
  2. Approvers can now approve the transaction.
  3. Once M (the threshold) out of N (the total number of approvers) approve the transaction, it can be run.
  4. Any of the approvers can now execute the transaction.
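
The workflow above as a small in-memory Python model (an added example, not the contract Umami originates). It assumes that proposing does not itself count as an approval, that a repeated approval from the same key is counted once, and that an executed operation leaves the pending list; the signer names are constructed placeholders.

```python
# Added illustration: in-memory model of the propose/approve/execute flow.
# Not the on-chain contract used by Umami; "assumption" marks sketch choices.
from dataclasses import dataclass, field


class MultisigError(Exception):
    pass


@dataclass
class Multisig:
    approvers: frozenset   # the N signers (every approver is also a proposer)
    threshold: int         # M approvals needed before execute is allowed
    pending: dict = field(default_factory=dict)  # op_id -> (action, approvals)
    next_id: int = 0

    def __post_init__(self):
        if not 1 <= self.threshold <= len(self.approvers):
            raise MultisigError("threshold must satisfy 1 <= M <= N")

    def _check(self, sender):
        if sender not in self.approvers:
            raise MultisigError(f"{sender} is not an approver")

    def propose(self, sender, action):
        self._check(sender)
        op_id, self.next_id = self.next_id, self.next_id + 1
        self.pending[op_id] = (action, set())  # assumption: proposing != approving
        return op_id

    def approve(self, sender, op_id):
        self._check(sender)
        self.pending[op_id][1].add(sender)  # set: a repeated approval counts once
        return len(self.pending[op_id][1])

    def execute(self, sender, op_id):
        self._check(sender)
        action, approvals = self.pending[op_id]
        if len(approvals) < self.threshold:
            raise MultisigError("not enough approvals")
        del self.pending[op_id]  # assumption: an executed operation leaves pending
        return action


def demo():
    # Constructed 2-of-3 wallet; names stand in for implicit-account addresses.
    w = Multisig(frozenset({"alice", "bob", "carol"}), threshold=2)
    op = w.propose("alice", "transfer 5 tez")
    counts = [w.approve("alice", op), w.approve("alice", op), w.approve("bob", op)]
    return counts, w.execute("carol", op), w.pending
```
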

The multisig contract currently used in Umami allows the following actions:

  • Receiving tez and tokens (FA1.2 and FA2)
  • Transfer tez and tokens (FA1.2 and FA2) owned by the contract
  • Delegate the tez balance owned by the contract

You can also execute the operations listed above in a batch.

Note: Receiving tez and tokens does not require the agreement of the multisig approvers; anybody can send assets to the contract.

How to create a Multisig?

Just click the "Create new multisig" button on the accounts page and follow the instructions.

Once the contract has been originated, all approvers will see a new Multisig account on their accounts page. It is loaded automatically.

Note: Please make sure to fill it in correctly because you cannot remove a Multisig. Right now, Umami doesn't support any amendments to the threshold or the approvers list either.

How to propose an operation?

Like with any other implicit operation, just select the Multisig account as the sender. Once you're done, you'll see the proposed operation on the pending operations tab in the Multisig drawer, where you can also approve/execute operations depending on their status.

Current limitations

As of now, Umami:

  • doesn't support having non-implicit accounts as approvers.
  • doesn't have a way to amend the threshold and the approvers
  • doesn't let you remove a Multisig from the list of accounts (or better said hide, because you cannot remove a contract from the blockchain)