Multi-signature wallets are software databases that require multiple signatures (keys) to access. Though it can be helpful to imagine them as physical wallets, vaults, or safes (and several of them use similar names), multi-signature wallets are software databases—functionality, security, and reliability depend on their underlying code.
Multi-signature wallets can have any number of potential keys associated with it, though some software impose a maximum limit. These keys may be passwords, passphrases, codes, fingerprints or other biometric keys, hardware keys, or an authenticating application on a phone or computer. Multi-signature wallets often include a feature during setup to specify whether all keys or only some predetermined number of keys will be required to access the wallet (referred to as a key ceremony). The latter is referred to as “m of n”, meaning that out of n total keys, at least m are required to access the wallet. Some multi-signature wallets may require a combination of both approaches.
The software code determines how the keys are used. Keys can be matched against a stored record (similar to how hosts confirm passwords) or keys can be used to encrypt/decrypt the database. There are several ways to use multiple keys for encryption/decryption. One method uses the keys to construct a master private key that can decrypt the database directly. Other methods include dividing the database into fragments for each key to decrypt or using each key in succession to decrypt the database. Once decrypted, the code determines whether anyone with a key can access the database or whether only particular individuals can.
Multi-signature wallets can reduce fraud by requiring multiple parties to effectively approve access, and can reduce key person risk inherent in wallets where only one person holds the key(s) required to access it. Some also include monitoring and logging features that record when and how a multi-signature wallet is accessed.