You may have heard the term multisignature or “multisig” before, but what does it actually mean? Stellar accounts have a concept known as “signers”; a transaction is not valid and cannot be submitted unless it is signed with the account signers’ private keys. An account that uses multisig is set up so that it requires multiple signers from different accounts in order for its transactions to be valid.

Let’s use a real-world metaphor to break down the concept of signers, secret keys, and multisig: banks. You open a checking account at a bank and are given a stack of checks. You write a check for $100 to your friend, and you sign your name at the bottom. When your friend cashes it, the bank is supposed to verify that your signed name at the bottom matches what they have on file for you, otherwise they should flag it as fraudulent and reject it. Since you were the one to write and sign the check, everything is fine and your $100 goes to your friend as expected.

One day you accidentally leave your checkbook on the bus, as well as a few other papers that have your signature on it. A nefarious character named Don finds your checks and writes a check to himself for $1000 and traces your exact signature he found in those papers onto that check. He goes and cashes the check and because the signature looks right, the bank accepts it. Yikes, you’re out $1000! This is like if a hacker stole your Stellar secret key.

The next day you get an idea: you walk to the bank with your trusty friend Bob and tell the bank that you want to make a change to your account: from now on the bank should only accept checks that have both yours and Bob’s signatures. So you write a check for $10 to Bob, thanking him for agreeing to do this for you. You sign your name at the bottom and hand him the check, and he signs his name at the bottom too. Great! The check gets cashed as expected. That’s multisig.

Later, you lose your checkbook and Don finds it and writes himself another $1000 check with your forged signature. He goes to cash it, but the bank sees that Bob’s signature is not on it, so they give you a call and you tell them to throw Don in jail for theft. This is like if a hacker stole your Stellar secret key, but your account had multisig on it.

Not all of us have a friend like Bob that you can trust to be available to be at all hours of the night to sign transactions for you. But there’s good news: meet your new friend StellarGuard.me.