LogoLogo
  • Technical Architecture
  • LagomChain CLI
    • Configuration
    • Working With Docker
    • Single Node
    • Multi Node
    • Alternative Databases
    • CLI Commands
    • Drafting a proposal
  • Concepts
    • Accounts
    • EIP-155: Replay Protection
    • Chain ID
    • Encoding
    • Gas and Fees
    • IBC Relayers
    • Key Management
    • Keyring
    • State Export/Imort
    • Multisig
    • Pending State
    • Signing
    • Token
    • Transactions
  • Modules
    • epochs
    • erc20
    • evm
    • feemarket
    • inflation
    • vesting
  • Module Accounts
  • Bugs
  • IBC Channels
  • Security Overview
    • Audits
    • Simple Arrangement for Funding Upload (SAFU)
  • Metrics
  • Frequently Asked Questions
Powered by GitBook
On this page
  • How Multisig Works
  • Creating a Multisig Account
  • Signing a Multisig Transaction
  • Summary of Multisig Commands
  • Security Considerations
  1. Concepts

Multisig

Multisig (multi-signature) accounts enhance security and decentralization by requiring multiple signatures to approve transactions. A multisig account in LagomChain is a special type of account that requires multiple private keys to sign transactions before they are considered valid.

Multisig accounts are useful for:

  • Enhancing security by distributing signing authority.

  • Enforcing multi-party approvals for transactions.

  • Reducing risks of a single point of failure.

How Multisig Works

A multisig account is defined by:

  1. Threshold – The minimum number of required signatures.

  2. Public Keys – The set of keys that can sign transactions.

Each transaction must be signed individually by the specified keys. Once the required number of signatures is collected, they are combined into a multi-signature to authorize the transaction. If fewer than the threshold signatures are present, the transaction is invalid.

Creating a Multisig Account

Step 1: Generate a Multisig Key

Use the following command to create a multisig key:

lagomd keys add --multisig=name1,name2,name3[...] --multisig-threshold=K new_multisig_key

  • K is the minimum number of required signatures.

  • --multisig specifies the public keys that will be combined.

  • new_multisig_key is the name of the new multisig account.

Example:

lagomd keys add --multisig=p1,p2,p3 --multisig-threshold=2 multisig_wallet

This command creates a multisig account that requires two out of three (2/3) signatures.

Multisig addresses can also be generated on-the-fly using:

lagomd keys show --multisig-threshold=K name1 name2 name3 [...]

Signing a Multisig Transaction

Step 1: Create the Multisig Key

Assume that three users (test1, test2, and test3) want to create a multisig account.

  1. First, import the public key of test3 into the keyring:

lagomd keys add test3 --pubkey=<public_key>

  1. Generate the multisig key with a 2/3 threshold:

lagomd keys add multi --multisig=test1,test2,test3 --multisig-threshold=2

  1. Verify the multisig account:

lagomd keys show multi

  1. Add tokens to the multisig wallet:

lagomd tx bank send test1 multi 10000000000000000000alagom --chain-id=lagom_986-1 --gas=auto --fees=1000000alagom --broadcast-mode=block

Step 2: Create an Unsigned Transaction

To send 5 LAGOM from the multisig account to another address:

lagomd tx bank send \
    lagom1recipientaddress \
    multi \
    5000000000000000000alagom \
    --gas=200000 \
    --fees=1000000alagom \
    --chain-id=lagom_986-1 \
    --generate-only > unsignedTx.json

This creates an unsigned transaction file (unsignedTx.json).

Step 3: Sign Individually

Each signer (test1 and test2) must sign the transaction separately.

Sign with test1:

lagomd tx sign \
    unsignedTx.json \
    --multisig=multi \
    --from=test1 \
    --output-document=test1sig.json \
    --chain-id=lagom_986-1

Sign with test2:

lagomd tx sign \
    unsignedTx.json \
    --multisig=multi \
    --from=test2 \
    --output-document=test2sig.json \
    --chain-id=lagom_986-1

Step 4: Combine Multisignatures

Now, combine the individual signatures into a final multisig transaction:

lagomd tx multisign \
    unsignedTx.json \
    multi \
    test1sig.json test2sig.json \
    --output-document=signedTx.json \
    --chain-id=lagom_986-1

This produces the final signed transaction file (signedTx.json), which contains the required threshold signatures.

Step 5: Broadcast the Multisig Transaction

To broadcast the fully signed transaction:

lagomd tx broadcast signedTx.json --chain-id=lagom_986-1 --broadcast-mode=block

Once broadcasted, the transaction will be processed and recorded on the LagomChain blockchain.

Summary of Multisig Commands

Action

Command

Create a multisig key

lagomd keys add --multisig=name1,name2 --multisig-threshold=K new_key

Check multisig details

lagomd keys show multi

Send funds to multisig account

lagomd tx bank send sender multi amount --chain-id=lagom_986-1

Create an unsigned transaction

lagomd tx bank send recipient multi amount --generate-only > unsignedTx.json

Sign transaction (each signer)

lagomd tx sign unsignedTx.json --from=signer --output-document=signerSig.json

Combine signatures

lagomd tx multisign unsignedTx.json multi sig1.json sig2.json --output-document=signedTx.json

Broadcast the transaction

lagomd tx broadcast signedTx.json --chain-id=lagom_986-1

Security Considerations

  • Private keys should never be shared. Each participant must sign transactions independently.

  • Ensure the correct threshold is set to prevent unwanted transactions.

  • Backup your multisig key and participants' public keys to avoid losing access.

PreviousState Export/ImortNextPending State

Last updated 3 months ago