Background

Something I've been excited about for a very long time is multi-signature transactions and how they work in Stellar.

In the first version of Stellar, when it was still a fork of the Ripple codebase, if you wanted to do something a bit more complicated it quickly turned into looking like this:

  • User creates a new address and sends it to Anchor
  • Anchor creates a user account, User by sending STR to it
  • User waits for the transaction to clear
  • User sets up a trustline for an asset that Anchor issues
  • Anchor waits for the transaction to clear
  • Anchor sends asset to User,

This would take a lot of back-and-forths, a lot of time (three ledger updates),
and actively listening for successful transactions relating to your account.

The current version of Stellar changed that.

Transaction Envelopes

The first change was transaction envelopes -- Stellar already had a wide variety of operations you could submit, but they were submitted individually.

With transaction envelopes you are now able to submit up to 100 operations at once, and they will be treated as one atomic unit.

Either they all succeed, or they all fail.

Signatures in Stellar

The second change was the transaction signatures themselves.

The operations inside a transaction envelope can have different source accounts, and each source account needs to sign for their operations.

A transaction envelope can have up to 20 different signers. On top of that, a source account can have up to 20 different signers.

Stargazer

Multisig has been on my mind from the start, and I'm happy to say that since version 1.4 Stargazer has (more-or-less) full support for multi-signature transactions.

Shared accounts

You can easily create what is called an M-of-N multi-signature account, a shared account that has N signers, where at least M of them needs to sign each transaction envelope where the account is used as a source account.

Signing requests

To coordinate the signing process there's a hub in the middle that all clients are in contact with. The hub sends out signing requests to clients that are signers for a transaction envelope they need to sign, it collects signatures, and finally it submits transaction envelopes when they have been fully signed.

Signing requests show up on the account overview for each account that has any, and they stay there until the transaction has been submitted to the network.

The API

In order to spread this more, there's an open API (https://constellation.futuretense.io/) for dealing with the signature hub. Add it to your wallet or service, and start creating multi-party transactions.

10 months later

There's been a lot of developments regarding signing and signatures.

Just wanted to let people get reacquainted with these ideas

    12 days later

    dzham

    How does it determine who gets sent each request in your multisig hub?

    For StellarGuard, the default setup adds a 2 signers, a user-specific public-key with weight 10 and a static public key shared between all accounts with weight 1 (the threshold level is set to 20 so this signer can't actually sign things, but it is used as a way to indicate that StellarGuard is active).

    If I subscribe for requests with the static signer only (https://github.com/johansten/constellation-api/blob/master/examples/index.js#L18), will it be notified when a request for the source accounts with this signer come in?

        StellarGuard

        It's just a regular pub-sub system

        It doesn't validate the listeners to make sure that you're eavesdropping on events for other people, but that could be added.

        Subscribe to events for your static signer, and all signing requests that need your signature will be sent to you.