Multisignature Accounts
Multisignature accounts are a powerful, natively-supported security and governance feature on Algorand that require multiple parties to approve transactions. Think of a multisignature account as a secure vault with multiple keyholes, where a predetermined number of keys must be used together to open it.
For example, a multisignature account might be configured so that any 2 out of 3 designated signers must approve before funds can be transferred. This creates a balance between security and operational flexibility that’s valuable in many scenarios:
- Treasury management for organizations where multiple board members must approve expenditures
- Shared accounts between business partners who want mutual consent for transactions
- Enhanced security for high-value accounts by distributing signing authority across different devices or locations
- Recovery options where backup signers can help regain access if a primary key is lost
What is a Multisignature Account?
Technically, a multisignature account on Algorand is a logical representation of an ordered set of addresses with a threshold and version. The threshold determines how many signatures are required to authorize any transaction from this account (such as 2-of-3 or 3-of-5), while the version specifies the multisignature protocol being used. multisignature accounts can perform the same operations as standard accounts, including sending transactions and participating in consensus. The address for a multisignature account is derived from the ordered list of participant accounts, the threshold, and version values.
Some important characteristics to understand:
- The order of addresses matters when creating the multisignature account. Using addresses
[A, B, C]creates a different multisignature address than[B, A, C]. - However, the order of signatures does not matter when signing a transaction.
- Multisignature accounts cannot nest other multisignature accounts. In other words, a multisignature account cannot include another multisignature account as one of its participant addresses.
- You must send Algos to the multisignature address to initialize its state on the ledger, just like with any other account.
Benefits & Implications of Using Multisig Accounts
| Benefits | Implications |
|---|---|
| Enhanced Security: Requires multiple signatures for transactions, adding an extra layer of protection against compromise of a single key | Added Complexity: Requires coordination among multiple signers for every transaction |
| Customizable Authorization: The number of required signatures can be adjusted at creation time to fit different security models (e.g., 2-of-3, 3-of-5, 5-of-5, etc.) | Key Management: All signers must securely manage their private keys to maintain the security of the multisig account |
| Distributed Key Storage: Signing keys can be stored separately and generated through different methods (kmd, standalone accounts, or a mix) | Transaction Size: Multisig transactions are larger than single-signature transactions, which could result in slightly higher transaction fees |
| Governance Mechanisms: Enables cryptographically secure governance structures where a subset of authorized users must approve actions | Not Always Necessary: For simple use cases where security and governance are not critical concerns, a single-signature account may be more practical |
| Integration with Smart Contracts: Can be paired with Algorand Smart Contracts for complex governance models requiring specific signature subsets | Cryptographic Best Practices Keys used as signers in critical multisig accounts should be used exclusively for this purpose. |
How to Generate a Multisignature Account
There are different ways to generate a multisignature account. The examples below demonstrate how to create a multisignature account that requires 2 signatures from 3 possible signers to authorize transaction:
// Initialize an Algorand client instance and get funded accounts const { algorand, dispenser, randomAccountA, randomAccountB, randomAccountC } = await setupLocalnetEnvironment()
// Create a 2-of-3 multisig account that requires // only 2 signatures from the 3 possible signers to authorize transactions const multisigAccountA = algorand.account.multisig( { version: 1, threshold: 2, addrs: [randomAccountA, randomAccountB, randomAccountC] }, [randomAccountA.account, randomAccountB.account, randomAccountC.account], )
// Fund the multisig account await algorand.account.ensureFunded(multisigAccountA, dispenser, (10).algo())
// Send a payment transaction from the multisig account // which will automatically collect the required number of signatures // from the signing accounts provided when creating the multisig account await algorand.send.payment({ sender: multisigAccountA, receiver: randomAccountA, amount: algo(1), }) env: LocalnetEnvironment = setup_localnet_environment() algorand_client = env.algorand_client dispenser = env.dispenser account_a = env.account_a account_b = env.account_b account_c = env.account_c
""" Create a 2-of-3 multisig account that requires only 2 signature from the 3 possible signers to authorize transactions """ multisig_account = algorand_client.account.multisig( metadata=MultisigMetadata( version=1, threshold=2, addresses=[ account_a.address, account_b.address, account_c.address, ], ), signing_accounts=[account_a, account_b, account_c], )
algorand_client.account.ensure_funded( multisig_account.address, dispenser, AlgoAmount(algo=10) )
""" Send a payment transaction from the multisig account which will automatically collect the required number of signatures from the signing accounts provided when creating the multisig account """ algorand_client.send.payment( PaymentParams( sender=multisig_account.address, receiver=account_a.address, amount=AlgoAmount(algo=1), ), )$ ADDRESS1=$(goal account new | awk '{ print $6 }')$ ADDRESS2=$(goal account new | awk '{ print $6 }')$ ADDRESS3=$(goal account new | awk '{ print $6 }')
$ goal account multisig new $ADDRESS1 $ADDRESS2 $ADDRESS3 -T 2Created new account with address [MULTISIG_ADDRESS]