In our article about wallets, we covered several types that all fall under the category of externally owned accounts (EOAs). These are accounts that use traditional public/private key pairs. That is, they consist of a single private key that can be used to make transactions and sign messages. If you have access to that private key, you have full control of the account. Most popular wallets such as Metamask EOAs, and even hardware wallets such as Ledger or Trezor are based on EOAs. This is why it is so important to keep your private key (seed phrase) safe! Your private key is, for any of these types of accounts, the single point of failure that stands between you and your funds being lost.
The other type of Ethereum accounts are smart contract accounts. Smart contracts also have a public Ethereum address which is impossible to tell apart form an EOA by simply looking at the address. Smart contracts can receive funds and make transactions like EOA wallet addresses too. One key difference is that, in general, there is no single private key paired with it that is used to verify transactions. Instead, the logic behind how contracts execute transactions is encoded and defined in the smart contract itself. As discussed here before, smart contracts are programs that run on the Ethereum blockchain and automatically execute when specific, predefined conditions are met. Contract accounts, in contrast with EOAs, can, for example, implement access rights that specify whom, how, and under what conditions a transaction can be executed.
Multi-signature wallets are contract accounts that require multiple parties to confirm a transaction before it can be executed. These parties, each represented by a unique Ethereum account address, are defined as multi-signature wallet owners in the smart contract. Only when a predefined number of these owners confirm a transaction, will the transaction be executed. Hence, the single point of failure associated with private key-controlled accounts is removed; losing or compromising a private key will no longer automatically result in a loss of all funds controlled by the account. (unless of course that contract is set up so that all 4 out of 4 possible signers must sign each transaction. Which is possible, but foolish, to set up)
One of the most popular multi-sig contract wallets, used by companies, DAOs, and individuals alike is Gnosis Safe. For individuals, Gnosis Safe allows users to fully customize how they manage crypto assets, with the option to require multiple devices to confirm transactions (hardware wallets, EOA-based wallets, paper wallets, or a combination of them). The advantage here is an added layer of security on transaction execution which you might think of as a kind of two-step verification. Another advantage is that if, god forbid, a wallets private key is lost or compromised, the user will still have the ability to control the wallet assets, via other singer accounts. For DAO's, companies, or other collectives, Gnosis Safe allows them to fully customize how they manage company crypto assets, with the option to require a predefined number of signatures to confirm transactions. Require multiple team members to confirm every transaction in order to execute it, which helps prevent unauthorized access to company funds.
Gnosis Safe can hold a variety of crypto assets such as tokens, NFT's, etc. It also has the ability to interact with Dapps such as ENS or other Defi protocols. Gnosis Safe is very simple to set up and use with just a little gas money to cover the transaction costs. For reference, there is currently more than $38B worth of ERC-20 tokens managed my Gnosis Safe vaults. (that number was north of 100B in February of this year before the bear market)
Many of you saw that we have been doing a little DAO experiment with our community of learners. We dropped a POAP, ran our Genesis Vote, and have also set up a community wallet using Gnosis Safe that any of you are welcome to contribute to by sending assets to WellBuiltCity.eth!
(join us in discord to engage!)
So whether you are setting it up for yourself or your community, we recommend experimenting with a multi-sig contract wallet. It's definitely worth familiarizing yourself with!