We’re building the first Cryptobank for companies. The thing is, crypto-land hasn’t always been the safest place. Here’s a few pointers to help you form an educated answer as to why you can trust Multis with your company’s crypto.
TL;DR: Multis = Security by simplicity and plurality.
Multis takes pride in being a decentralized application. We don’t hold any private keys and will never be custodian of your funds.
Why it matters
It’s the backbone of Multis but it’s worth saying it again: multisigs are the proper and robust way to manage crypto as a group. And no, splitting the private key of an individual account is not the answer!
The purpose of multisig wallets is to increase security by requiring multiple parties to agree on transactions before execution. Transactions can be executed only when confirmed by a predefined number of owners.
First off, Multis isn’t introducing a new multisig smart contract. We use the exact same contract written and deployed by Gnosis. Take the contract address used when deploying a new company account:
The destination address is 0x6e95C8E8557AbC08b46F3c347bA06F8dC012763f which corresponds to the multisig’s factory contract:
The Gnosis multisig smart contract is community-approved and thoroughly-audited:
We found the code under scrutiny to be elegant, robust, and secure. The wallet’s features are implemented with a minimal amount of code, resulting in a reduced attack surface. Despite such minimalism, its well-thought-out design allows for a surprisingly large feature set.
In the long term, we’ll provide a decentralized insurance that would cover our clients should something happen to the Gnosis multisig contract. More decentralized peace of mind 😌
Why it matters
As explained on this blog post Multis is a static website. It’s basically a folder with html, css and js files. To be a bit more precise, thanks to Firebase, Multis has a server-less, backend-less and password-less architecture. It’s worth adding that Firebase is certified under major security standards.
With Cloudflare acting as our proxy we activated DNSSEC for our domain multis.co.
Why it matters
We’re committed to building robust software and as such we chose to use the ClojureScript programming language: it has a strong reputation for making simple and strong codebases (functional programming). We’re writing specs to ensure the correctness of our data at the edges of our systems.
Multis’s code is “interface” code and changes with every new release (multiple times a day) — in that sense it makes less sense to audit it (than immutable smart contracts). Nonetheless, we’re in the process of running bounties to help stress-test our service.
Note: We’re still pondering whether to open source Multis’ code but as of now the code is not open-source, making it harder to copy (and create phishing websites).
Why it matters
Now that you have a better picture of Multis’ architecture and approach to security, let’s see how this would play out in these three challenges.
That’s the question we should all ask before using any service!
Let’s say you have an account on Multis, the address of your company account looks like this: 0x4729ea9389……
If Multis dies, nothing really happens. Multis never had your private keys in the first place. Your company funds will still be under that address, and you could still access these funds from another interface. You can think of it as if your email client shuts down: you can still access your emails from another client. You will just have lost access to a superbly convenient and crisp interface called Multis 😉
That’s the question we should all ask before working with anybody!
Well in that case it really depends on how you set up your Multis account. We’ve always been preaching for a “n out of n+1” policy (n confirmations needed for a multisig of n+1 owners). Meaning that if one owner loses their individual wallet/private key, the other owner can remove that previous owner and add them again with another address.
If you’re in a “n out of n” policy, your only chance is if you have a daily threshold strictly greater than zero: you’d be able to move ETH out of your account little by little and create a new one with the proper policies.
If you’re “n out of n” and you have no threshold (or you have ERC-20 tokens), in that case there’s one thing to say “sorry for your loss” 😢
Note: Multis is thinking about preventing people setting a “n out of n” policy.
That’s the question you should ask before delegating any actions!
Turns out this Blockchain technology stuff isn’t such a bad thing after all:
Consider this analogy: it’s as if you wanted to check the time and your watch doesn’t work. The other clocks still do. In a way, the blockchain behind all the watches in the world is the most immutable of all: time itself ✨
Multis is also hiring in multiple positions (growth/design/engineering): if you’re keen to join our team of crypto dreamers and contribute to our mission to democratize companies’ access to crypto, send us an email at firstname.lastname@example.org.