Ethereum founder urges self-custody – recommends use of multi-sig, social recovery wallets
Vitalik Buterin said that he and the Ethereum Foundation use multi-sig wallets to secure the majority of their crypto assets.
Buterin said that self-custody is important because centralized entities can become untrustworthy and people can lose their funds without notification. However, he added that being solely responsible for the entirety of one’s security system carries inherent risks, which can be minimized by using multi-sig and social recovery wallets.
The Ethereum co-founder said he and the Ethereum Foundation use multi-sig wallets to secure most of their crypto assets.
Multi-sig & Social recovery
According to Buterin, multi-sig wallets — like Gnosis Safe — should be used for cold storage of crypto-assets as they require multiple keys to sign off on transactions.
Users can assign multiple people to hold their keys and configure the wallet so that a set number of keys is required to approve a transaction; this could be all of the keys or only some.
Meanwhile, social recovery wallets are a nascent technology and are set to become more accessible in the coming months with applications like the “Soul Wallet.”
Social recovery wallets allow transactions to be approved with a single “master key,” which can be recovered if lost. Users can assign people to hold “recovery keys,” which can be used to reset the master key.
Buterin said that once social recovery technology is made more accessible, he would recommend using it for hot storage.
He added that both technologies allow people to safeguard their assets in their lifetime and ensure they are recoverable after their deaths.
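The social recovery flow described above can be sketched as a small model. This is an added example, not code from Buterin, Gnosis Safe or Soul Wallet; the class and function names and the byte-string keys are hypothetical, and signature verification is reduced to matching key identifiers. The same counting of distinct approvers is what a multi-sig wallet applies to every transaction.

```python
import hashlib

def key_id(public_key: bytes) -> str:
    """Short identifier for a key (hypothetical stand-in for an address)."""
    return hashlib.sha256(public_key).hexdigest()[:16]

class SocialRecoveryWallet:
    """Toy model: one master key spends; a threshold of guardians can replace it."""

    def __init__(self, master: bytes, guardians: list, threshold: int):
        ids = {key_id(g) for g in guardians}
        if len(ids) != len(guardians):
            raise ValueError("duplicate guardian key")
        if not 1 <= threshold <= len(ids):
            raise ValueError("threshold must be between 1 and the guardian count")
        self.master = key_id(master)
        self.guardians = ids
        self.threshold = threshold
        self.pending = {}  # proposed master id -> set of approving guardian ids

    def can_spend(self, signer: bytes) -> bool:
        # Day-to-day transactions need only the current master key.
        return key_id(signer) == self.master

    def approve_recovery(self, guardian: bytes, new_master: bytes) -> bool:
        """Record one guardian's approval; return True once the master key is reset."""
        gid = key_id(guardian)
        if gid not in self.guardians:
            raise PermissionError("not a guardian")
        # Approvals are tracked per proposed key, so votes for different
        # candidates never combine, and a set ignores repeat votes.
        votes = self.pending.setdefault(key_id(new_master), set())
        votes.add(gid)
        if len(votes) < self.threshold:
            return False
        self.master = key_id(new_master)
        self.pending.clear()  # stale proposals must not survive a reset
        return True

def demo():
    # Constructed sample keys: a 2-of-3 guardian set recovering a lost master key.
    w = SocialRecoveryWallet(b"old-master", [b"g1", b"g2", b"g3"], threshold=2)
    first = w.approve_recovery(b"g1", b"new-master")
    repeat = w.approve_recovery(b"g1", b"new-master")  # same guardian, still one vote
    second = w.approve_recovery(b"g3", b"new-master")
    return first, repeat, second, w.can_spend(b"old-master"), w.can_spend(b"new-master")
```

A production wallet would verify signatures on-chain and typically add a time delay before a reset takes effect; neither is modelled here.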
Buterin said an important part of using these technologies is choosing the “guardians” wisely. Guardians are people one would designate as holders of keys to confirm transactions or recover wallets. He said:
“Two key questions in using multi-sig wallets and social recovery wallets securely are: (i) whom do you choose as guardians, and (ii) what instructions do you give them?”
According to Buterin, guardians have to be people who will not lose keys and who will not conspire to steal the holder’s assets. As such, guardians should be as decentralized as possible. He added that each guardian’s risks should differ, and people should avoid commonalities when choosing guardians.
He said guardians could be people or devices, and using one’s device or wallet to act as a guardian does not reduce decentralization and is okay. However, most guardians should not be devices under a single person’s direct control.
Buterin recommended using guardians that do not know each other, and where possible, guardians should be in different countries. He said that guardians would only need to know each other in the case of a holder’s demise, and in those cases, these guardians would naturally find each other by reaching out to friends and family.
Additionally, Buterin said that guardians must be tested multiple times a year to ensure they still have access to their keys and there are no operational issues.