Earlier this year, Bitcoin Core developer Gavin Andresen declared 2014 to be the “Year of Multi-Sig.” The development of highly secure wallets requiring multiple private key approvals holds a huge amount of promise for more complex applications of the bitcoin protocol, enabling natively created smart contracts, escrows and corporate-style accounts where payments must receive multiple authorizations before they can be settled. While there have been some advances, multi-sig development on 2014 has seemed more like a promising idea than a practical reality. A new open-source project released today by BitPay aims change that.
Dubbed “Copay,” BitPay’s new multi-signature wallet was developed in-house as an internal security tool. The Atlanta-based payment processor believes it “needed to be shared” because “multi-signature technology will play an important role in helping people secure their bitcoins against loss or theft.” Rather than release a proprietary tool in the famously skeptical and transparency-loving cryptocurrency community, BitPay decided it was “essential” for Copay’s code to be open souce and peer reviewed.
If Copay delivers on its promises, it could have huge implications for changing how digital currency payments work, solving many problems that even the current banking system struggles to address:
With Copay, a small company can for example manage their bitcoin holdings by requiring 3 of 5 officers to sign transactions that spend funds. A household can use a 2 of 3 wallet to manage family funds (with one signer on a device tucked away in a secure, offline location in case someone accidentally loses their online wallet). A parent can use a 2 of 3 wallet with their child to moderate the child’s spending habits and ensure they don’t accidentally lose bitcoins to a virus. There are many more possibilities.”
BitPay is hardly the first company to announce a multi-sig wallet initiative, but it is the first to release the code publicly and to open-source the development. Online wallet providers like Xapo and BitGo, for instance, have touted multi-signature security features for months. Those companies have kept the code to their multi-sig tools close to their chests, as they provide a meaningful competitive advantage in a business where security is one of the biggest selling points. As a payment processor, rather than a wallet provider, BitPay has a different set of incentives. The more secure the entire bitcoin network, the easier it is to sell people on their service.
If anything, BitPay seems to be taking aim at any company who holds bitcoin for their customers:
The community is also beginning to stress the importance of having true possession of bitcoins rather than trusting the storage of your bitcoins to a third party (need we remind people of mtgox?). The challenge is making it both easy and safe to maintain possession of your bitcoins in a true wallet and we believe multi-signature provides an important leap in that direction.”
The BitPay blog post itself raises some interesting questions about the legal implications of multi-sig wallets, noting “If a transaction requires 3 or 4 peoples’ signatures, then who possesses those bitcoins?” If parties in different countries with different legal definitions of digital currency share an address, for instance, which country’s laws take precedence in the transaction? With bitcoin adoption growing and countries struggling to keep up, the ramifications could be huge.
Built on the open-source bitcore stack, and using the open-source Insight API, Copay is clearly a good-faith attempt to provide a good start to the development of a powerful multi-sig wallet ecosystem. BitPay is quick to note that Copay’s code is beta-quality at this point, and admits that the bare-bones interface makes it “a bit of a power users’ tool” in its current state.
