What Is a Multisig Wallet?
How M-of-N signing ends the single point of failure, what the QuadrigaCX collapse and the Parity freeze each proved, and an honest verdict on who needs the ceremony.

TL;DR
- A multisig wallet needs M of N keys to sign, so a 2-of-3 setup lets any two of three keys approve a payment.
- QuadrigaCX's founder died in December 2018 as the only keyholder, and the exchange collapsed owing about C$190m to roughly 115,000 customers.
- The November 2017 Parity freeze locked roughly 513,000 ETH forever: contract multisig adds software risk of its own.
- A personal 2-of-3 survives any one key being lost or stolen, at the cost of extra setup, devices and fees.
- Educational guide only, not financial advice.
In December 2018, Gerald Cotten, founder of the Canadian exchange QuadrigaCX, died suddenly while travelling in India. He was 30. By the company's own account he was the only person who could open the exchange's cold wallets. Roughly 115,000 customers were owed about C$190m, and every password had just left with him.
Then it got worse: the Ontario Securities Commission went through the wreckage and concluded in 2020 that Quadriga had operated as a fraud, with most of the money gone well before Cotten died. So there are two readings of the same collapse, one tragic, one criminal. Both share the same design flaw: one person held the only key.
What a multisig wallet is
A multisig wallet needs several keys to approve a payment. You create N keys and set a rule that any M of them must sign before funds move. The common personal pattern is 2-of-3: three keys, any two sign. Company and DAO treasuries tend to run 3-of-5 or higher, spread across directors so control never sits on one laptop.
Compare the default: an ordinary wallet has one private key, and whoever holds it controls everything in it. That one key is a single point of failure in both directions: a thief who copies it takes the lot, and an owner who loses it is locked out for good, with no support line to ring.
Multisig ends that arrangement: steal one key from a 2-of-3 and you cannot spend, lose one and the remaining two can still move the money out.
Where multisig runs
On Bitcoin, multisig is old technology: it was standardised through P2SH under BIP 16 in 2012, it has been battle-tested at the protocol level ever since, and exchanges have trusted the same machinery for their cold storage for most of a decade. The network itself enforces the signing rule.
Ethereum does it differently: there, a multisig is a smart contract, a program on the chain that holds the funds and enforces the rule itself. Gnosis built the contract wallet that became the de facto standard for DAO and company treasuries, and it now runs as a standalone project. Most crypto organisations of any size keep their shared treasury in one.
Funding one is the unremarkable part: an on-ramp such as Banxa, running fiat-to-crypto plumbing since 2014 with more than 100 payment methods across 100-plus countries, sends purchased coins to whatever address you give it, in the markets it serves. From the sender's side a multisig address behaves like any other address, so nothing about buying changes.
The Parity freeze
Contract multisig inherits contract risk, and there is a canonical example. In November 2017 a user experimenting with Parity's shared library contract managed to trigger its self-destruct function, and every Parity multisig wallet built on that library froze in the same moment. About 513,000 ETH became permanently unspendable. Nobody stole a coin: the funds are still visible on-chain, and nothing can ever move them.
The lesson is not that multisig is a bad idea, it is that a contract wallet stacks software risk on top of key risk, so the age and track record of the code matter. Prefer designs that have survived years in the open, and treat anything young and clever with suspicion.
A 2-of-3 in real life
The standard personal setup is three keys in three places, any two of which sign a payment: two hardware wallets stored apart, plus a backup key somewhere genuinely separate, a relative's house, a solicitor's office, a bank deposit box.
One key stolen: the attacker holds one signature and needs two, so the funds stay put while you rotate to a fresh setup.
One key lost or destroyed: the remaining two rebuild in a new wallet, annoying but recoverable.
Fire, flood, burglary, a photographed backup: any single event still leaves two keys standing.
This is self-custody with the stakes taken seriously, and one thing needs saying plainly: multisig narrows the ways you can lose crypto, it does not remove them. Nothing does.
What it costs
The costs are real, and people skim past them. Setup takes an afternoon of reading and double-checking, not ten minutes. Every payment becomes a small ceremony: fetch the second device, sign again, broadcast. And on Bitcoin a multisig transaction is larger than a single-signature one, so it pays more in network fees every time.
The recovery plan also has to work for someone who is not you. Inheritance is one of the main reasons people bother. A 2-of-3 that includes a family member and a solicitor keeps funds reachable after a death, provided the instructions are written down somewhere the family will actually look.
One neighbouring idea, kept separate on purpose: Shamir backup, standardised as SLIP-39, splits a seed phrase into shares. That protects the backup of one key rather than requiring several keys to sign, a related idea on a different layer.
Who actually needs it
Fewer people than crypto forums suggest, because for small balances the ceremony is overkill, and one hardware wallet with a properly stored seed phrase serves most owners well. For a beginner, the bigger danger is usually the setup itself, and a mis-made multisig has no support line either.
The pattern earns its complexity in two cases: balances large enough that one mistake would genuinely hurt, and money that more than one person must control, company treasuries, DAOs, family funds, inheritance plans. There, the rule that nobody can act alone is the entire point.
This is an educational guide, not financial advice. If you do go multisig, rehearse before it matters: send a small test payment, practise recovering with one key deliberately missing, and write instructions your family could follow without you on the phone. Then re-test once a year, while you are checking everything else anyway.
Frequently Asked Questions
No. A hardware wallet is a device that keeps one key offline. Multisig is a rule about how many keys must sign. The strongest personal setups combine the two, for example a 2-of-3 built from two hardware wallets plus a separate backup key.
Three keys exist, and any two of them must sign before funds move. One key alone can do nothing, which is the point of the design. Treasuries often go further, with 3-of-5 or more signers.
Yes. Bitcoin has supported it at the protocol level since BIP 16 in 2012. Ethereum runs multisig through smart contracts, which work well but add contract risk, as the 2017 Parity freeze that trapped about 513,000 ETH showed.
Nothing is lost yet. The two remaining keys can move everything to a brand-new wallet, and they should do that promptly. Losing a second key before you rotate would be terminal.
Yes, three ways. Setup takes longer, every payment needs signatures from more than one device, and on Bitcoin the transactions themselves are bigger, so network fees run higher. For small balances that overhead is hard to justify.
Usually not. One hardware wallet and a properly stored seed phrase cover most people. Multisig starts to earn its keep as balances grow, or the moment more than one person must control the funds, such as a company treasury or an inheritance plan.