The Steem blockchain supports multisignature transactions. Multisignature transactions are a security feature that requires a transaction to be signed by multiple parties (each with their own key) before they become valid.
Reasons why multisignature transactions are important
A lot of investors will consider multisignature transactions a requirement in order to purchase and hold a coin. Many developers can also use multisignature transactions to add additional layers of security to their applications and tools.
Needed: Better tools / guides
Even though the blockchain supports multisignature transactions, there is very little available in terms of tools and guides on how to use multisignature transactions. The main guide that I am aware of is "[piston] How to use it for multisignature accounts" from @xeroc, but AFAIK it uses a deprecated library that no longer works.
In order to help make multisignature transactions more accessible to investors/developers/users, we need to improve our tools and guides.
1500 STEEM Bounty
@transisto, @elear, @therealwolf, @drakos, @instructor2121, @sorin.cristescu, @clayop, @ausbitbank, @thecryptodrive, @yabapmatt, @aggroed, @cervantes, @upheaver, @lukestokes, and I (@timcliff) have teamed up to offer a bounty for someone to create a multisignature transaction guide. We are each contributing 100 STEEM (
15 x 100 = 1500 STEEM). The details on the guide as well as the terms of the bounty are below.
(The guide will have two parts.)
- The first part will guide a user through the process of setting up multisignature authority for the active authority on the account. The guide should be generic enough to support the setup for any authority that allows N keys, each with their own weights W_n, and a threshold of T (for any valid combination of N, W_n, and T).
- The first part of the guide should also include a brief section on how the steps would be different if the user wanted to setup multisignature authority on the posting authority instead of the active.
- In addition to the generic instructions, the guide should also include an example that walks through the steps for this scenario: A user wants to have their active authority setup with seven keys. Keys one and two each have a weight of 25%. Keys three, four, five, six, and seven each have a weight of 10%. In order for a transaction to be valid, it must have at least 40% weighted signatures.
- The second part will guide a user through the process of sending STEEM (or SBD) tokens to another user, and signing the transaction with a sufficient number of keys to exceed the threshold on an account that has an active authority with N, W_n, and T.
- The process that is used needs to include a practical means of acquiring all of the signatures on the transaction before the transaction expires.
- Continuing with the example from part 1 (using the same account, keys, etc.) part 2 of the guide should also have an example that walks through the steps for this scenario: One of the key holders of the account wants to transfer 5.0 STEEM tokens to another user. The transaction should be signed with keys one, four, and five (which would exceed the 40% threshold).
- The process that is used in the guide needs to easy enough to use that anyone with reasonable technical knowledge can set up a multisignature account and consistently sign transactions by following the guide.
- The guide should not make any assumptions about the user knowing what to do. The instructions need to be very clear with no uncertainty about what needs to be done in each step.
- The guide can only use tools and libraries that are open source and actively maintained.
- The guide can only use tools and libraries that have been audited and accepted by the Steem community as valid tools/libraries (examples: SteemConnect, Beem, DSteem, etc.).
- If the guide uses reference material from other sources, the sources should be properly referenced within the guide.
Some coding may be needed
It is possible that there isn’t sufficient support within the existing tools and libraries to be able to write a guide based on what is currently there. If existing tools/libraries need to be updated in order to complete the bounty, it may be necessary to make code changes and submit them via pull requests before the guide can be completed.
It will be the responsibility of the person creating the guide to make whatever code changes are needed to whatever repositories need them in order to meet the terms of the bounty. This includes working with the necessary parties to get changes accepted and merged into the official repositories.
- The guide must meet all of the conditions described above.
- The guide must be created as a post on the Steem blockchain. (If the guide is split up into two posts - part 1 and 2 - with sufficient linking between them, that is OK too.)
- After the guide has been created, reply to this post with a link to the guide, as well as the name of an account where the process has been successfully used to transfer at least 0.001 STEEM to another account with the seven key multisignature example above. The reply to this post with the post link and account name will be considered the submission.
- @transisto, @elear, @therealwolf, @drakos, @instructor2121, @sorin.cristescu, @clayop, @ausbitbank, @thecryptodrive, @yabapmatt, @aggroed, @cervantes, @upheaver, @lukestokes, and @timcliff will have "multisignature authority" over the approval of the bounty to determine if the terms are met. We will each have 1/15 voting weight. If at least 12/15 of the parties agree that the terms of the bounty have been met, then the 1500 STEEM bounty will be awarded.
- If there are multiple submissions, they will be evaluated in the order that they are received. The first submission to receive 12/15 approval will be the winner of the bounty.
- If a submission does not receive 12/15 approval and significant changes are needed to make it valid, the updated version (with the changes made) should be re-submitted as a new entry.
- Please allow up to seven days from the time of submission for each of us to review the submission and vote.
- Each of the 15 contributers will be responsible for paying their bounty to the winner.
- If no valid submissions have been received by 23:59 (UTC) on March 31, 2019 then the bounty will be void/canceled.
If you have any questions about the terms of the bounty (including whether a particular library is OK to use) please ask :)
Good luck everyone!
[Edit] The bounty is now closed. Thank you everyone who participated!! The results can be found here:
Bounty Mission Success: Multisignature Transaction Guide Complete