Implementing a fully functioning multisig wallet on Stacks

fess-v · April 25, 2023, 1:56pm

Hi there! We’re making a multisig wallet called Asigna.
While we were preparing the first multisig to come out, we tried to implement it using two opposite approaches, and both of them had complications that blocked us on our way.

The first approach is to utilize the native multisig transactions on Stacks.
The main problem which we’re facing right now with this approach is that owners of multisig wallets have to sign transactions only in the order their public keys were added to the multisig which is described in this issue. This prevents multisig applications to use this logic because it adds logic for signing orders, which is not applicable to a proper user-friendly multisig solution.
The second thing that is missing is that in micro-stacks and stacks.js packages there’s nothing like openSignMultisigTransaction. There are openSignMessage, openSignStructuredMessage, openSignTransaction, but it is not currently possible to connect to wallets on Stacks and add a signature to a multisig transaction.
The last thing in this method is that we need also a standard for message signature verification, which sometimes is crucial for dApps like marketplaces, exchanges, authorization purposes, etc.

The second approach is to make a smart contract wallet.
This way has even more complications on the way. The first one is that the Clarity language does not allow to call of arbitrary contracts and needs to have a standard trait defined for external smart contract calls, which is proposed in this SIP - github.com/fess-v/sips/blob/smart-contract-wallets-external-calls-standard/sips/sip-02X/sip-02X-smart-contract-wallet-external-call-standard.md.
The second thing is as well about message signatures, similarly to smart contract wallets on Ethereum like Gnosis, we should define a standard for signed messages for the same purposes described above, this is also proposed in another SIP - github.com/fess-v/sips/blob/smart-contract-signature-verification-standard/sips/sip-02X/sip-02X-smart-contract-signature-verification-standard.md.

Full list of advantages/disadvantages of the native approach:
Advantages:

Message signature verification is easier
Can call any contracts within Stacks without making forcing them to make additional interfaces
No additional smart contract risks

Disadvantages:

Owners and threshold can’t be changed, otherwise a new multisig address will be generated and all funds will need to be moved from the previous multisig
Hiro and other wallets, as well as micro-stacks and stacks packages should add functions which support multisig transactions and multisig message signatures & verification
Message signatures & verification should be standardized anyway

Full list of advantages/disadvantages of the smart contract approach:
Advantages:

Possibility to add and remove owners, change the confirmation threshold
No need to have additional calls in micro-stacks for multisignature transactions

Disadvantages:

Have to accept the SIP proposal for external calls, which adds additional work for any dApp which wants to be integrated with a multisig wallet
Signature verification is more complex and a SIP is also needed
Smart contract wallets imply additional development risks

Overall summary
Both ways have their own positive and negative sides, while the first native approach is still more appealing because it doesn’t force application developers to make additional work for making executor interfaces using the SIP mentioned above. But for this approach, the issue with signature orders should be fixed as well as client-side libraries should also support native multisig transactions. While the second thing shouldn’t be complicated, the first one could block the whole process for a while. We’re looking to get the initial feedback for our approaches, which will help us on our way of making a fully functioning multisig solution for the Stacks ecosystem.

P.S. Both ways also require additional work for the frontend SDK part, which will make the cross-domain communication possible between the web multisig page and internally opened in iframes dApps, but it’s not the main complication point and can be easily solved.
P.S.S. SIP links were attached in that way due to a limit of 2 links maximum.

fess-v · April 30, 2023, 5:25am

After our discussion on the weekly SIP call, we decided to go with the native approach for now and make a SIP proposal to speed up things with the ordering issue

github.com/hirosystems/stacks.js

Multisig transaction signing order

opened 05:58PM - 21 Apr 23 UTC

fess-v

bug discussion docs

### Describe the bug I don't know if it's even possible, but when I try to si…gn a multisig transaction starting from the third address (out of 3 public keys) it gives an error "Signer hash does not equal hash of public key(s): ba3f7c941ce749ba14f2a7c24d067948858ba16d != 0f8b02bbaa17b8df1eaede6102baef275a726914" Tried the following workarounds from this [issue](https://github.com/hirosystems/stacks.js/issues/962), but seems like it is only possible to sign a multisig transaction starting from lower index to a higher one from the initial public keys array - like (0, 1), (1, 2) (0, 2), but not (2, 1). So when the last owner, for example, wants to initiate a multisig transaction, he can't do it anyhow, as well as if the second owner initiates the transaction - the first one won't be able to confirm it after that #### How to reproduce ```javascript import { TransactionSigner, getPublicKey, createStacksPrivateKey, publicKeyToString, standardPrincipalCV, broadcastTransaction, makeUnsignedSTXTokenTransfer, } from '@stacks/transactions'; import { StacksTestnet } from '@stacks/network'; import BigNum from 'bn.js'; // Private key strings with compression byte appended const privKeyStrings = [ '6d430bb91222408e7706c9001cfaeb91b08c2be6d5ac95779ab52c6b431950e001', '2a584d899fed1d24e26b524f202763c8ab30260167429f157f1c119f550fa6af01', 'd5200dee706ee53ae98a03fba6cf4fdcc5084c30cfa9e1b3462dcdeaa3e0f1d201', ]; const privKeys = privKeyStrings.map(createStacksPrivateKey); // Compressed public keys const pubKeys = privKeys.map(getPublicKey); const pubKeyStrings = pubKeys.map(publicKeyToString); const recipient = standardPrincipalCV('SN3C9PPBTKJNWJ5HZBBWERRAF4E3W6M39AN54S92'); const amount = new BigNum(74); const fee = new BigNum(278); const nonce = new BigNum(0); const memo = 'test'; const network = new StacksTestnet(); (async () => { const transaction = await makeUnsignedSTXTokenTransfer({ recipient, amount, network, fee, nonce, memo, numSignatures: 2, publicKeys: pubKeyStrings, }); const signer = new TransactionSigner(transaction); signer.signOrigin(privKeys[2]); signer.appendOrigin(pubKeys[0]); signer.signOrigin(privKeys[1]); const txId = await broadcastTransaction(transaction, network); console.log('Transaction ID: ' + JSON.stringify(txId, null, 2).replace(/^"|"$/, '')); })().catch((err) => { console.error('Error:' + err); process.exit(1); }); ``` #### Expected behavior It should be possible to initiate a signature from whatever owner

I’ll attach the SIP when a draft is created

HeroGamer · May 1, 2023, 1:52pm

Hi Vlad, thanks for updating us on your proposal! I hope many others can chime in on your proposal. We host a SIP Editor call bi-weekly, next call is on the Thursday 11th May.
Editors are the group of people who will be doing the first review pass on your proposal, support proposers that the draft is done according to guidance.
Feel free to join our call!

HeroGamer · May 8, 2023, 4:07pm

Last Friday’s SIP call, Asigna team Vlad @fess-v & @ viven kindly joined and shared more details and demo their Advanced Bitcoin&Stacks Multi-sig wallet solution

Thank you kindly Vlad.

Recording will be published on Youtube within the next 2 weeks: Stacks Community - YouTube

fess-v · May 11, 2023, 4:12am

Thanks, Hero! Following up on the conversation, I created a PR (Signature order-independence fix for multisig tx by fess-v · Pull Request #3710 · stacks-network/stacks-blockchain · GitHub) for the stacks blockchain repo to proceed with our discussion of the problem and potential solutions.

fess-v · November 11, 2023, 9:09am

Dropping the result here. stacksgov/sips/pull/152 (can’t post a link, it’s on github) We’re working with @jbencin on the order-independent version of the SIP, with the same implementation link in the comment above. Planning to make this change with the Nakamoto upgrade