What is Monero multisig?

Monero multisig (multi-signature) is a wallet type that requires multiple private keys to authorize a transaction. For example, a 2-of-3 multisig wallet has 3 keyholders but only 2 signatures are needed to spend funds. This enables escrow, shared treasury, and inheritance planning without trusting a single party.

How does Monero multisig differ from Bitcoin multisig?

Monero multisig preserves full transaction privacy. Unlike Bitcoin where multisig transactions are visible on-chain (P2SH addresses start with '3'), Monero multisig transactions look identical to regular transactions. An observer cannot tell whether a transaction used multisig or a standard wallet.

What is 2-of-3 multisig escrow in P2P trading?

In P2P trading, 2-of-3 multisig escrow means the buyer, seller, and an arbitrator each hold one key. The buyer and seller can complete the trade together (2 keys). If there's a dispute, the arbitrator sides with the honest party and co-signs with them. No single party can steal the funds. Haveno (RetosSwap, DawnSwap) uses this model.

Is Monero multisig safe for large amounts?

Yes. Monero multisig is cryptographically sound and used by Haveno for thousands of trades. However, it requires careful key management: each participant must securely store their key, and key exchange must happen over encrypted channels. For very large amounts, combine multisig with cold storage (air-gapped signing).

Can I set up Monero multisig with Feather Wallet?

Not yet in the GUI. As of 2026, Monero multisig setup requires monero-wallet-cli (command line). Feather Wallet supports viewing multisig balances but full creation/signing is CLI-only. Haveno handles multisig automatically behind the scenes.

What happens if one multisig keyholder loses their key?

In a 2-of-3 setup, losing one key is recoverable — the other 2 keyholders can still sign transactions. In a 2-of-2 setup, losing one key means the funds are permanently locked. This is why 2-of-3 is recommended for most use cases.

Does Haveno use Monero multisig?

Yes. Haveno uses 2-of-3 multisig for every trade. The buyer, seller, and arbitrator each hold one key. Security deposits from both parties are locked in the multisig wallet. The process is fully automated — traders never touch raw multisig commands.

How many key exchange rounds does Monero multisig require?

Monero multisig requires N-1 rounds of key exchange, where N is the total number of participants. For 2-of-3 multisig: 2 rounds. For 2-of-2: 1 round. Each round involves exporting and importing key information between all participants.

Monero Multisig Explained — 2-of-3 Escrow, Shared Wallets & Setup Guide

How multi-signature wallets work in Monero. From P2P trading escrow to inheritance planning. Privacy-preserving by default.

TL;DR: Monero multisig requires M-of-N keys to spend funds. 2-of-3 is the standard for P2P escrow (buyer + seller + arbitrator). Unlike Bitcoin multisig, Monero multisig transactions look identical to regular transactions on the blockchain — no privacy leak. Haveno automates this entirely. Manual setup is CLI-only (monero-wallet-cli).

Escrow Guide Haveno Tutorial Haveno Review Cold Storage Wallet Setup Glossary

What Is Multisig?

In a standard Monero wallet, one private key controls all the funds. Lose it and the funds are gone. Get hacked and the funds are stolen. Multisig (multi-signature) splits control across multiple keys.

A multisig wallet is defined by two numbers: M-of-N.

N = total number of keyholders (participants)
M = minimum signatures required to spend

Example: In a 2-of-3 wallet, there are 3 keyholders but only 2 need to agree to move funds. This means:

No single person can steal the money
If one person loses their key, the other two can still access funds
Disputes can be resolved by the third party (arbitrator)

Monero Multisig vs Bitcoin Multisig

This is where Monero excels. On Bitcoin, multisig transactions are publicly visible on the blockchain. Bitcoin P2SH addresses start with 3, and any block explorer shows the M-of-N structure. This leaks information about the wallet's security model and the number of participants.

Monero multisig is completely private:

Property	Bitcoin Multisig	Monero Multisig
On-chain visibility	Visible P2SH/P2WSH address reveals multisig	Hidden Looks like regular transaction
Number of signers visible	Yes	No
Amount visible	Yes	No (RingCT)
Sender visible	Yes	No (ring signatures)
Receiver visible	Yes	No (stealth addresses)
Setup complexity	Low (single round)	Higher (N-1 rounds of key exchange)

Bottom line: Monero multisig provides the same security guarantees as Bitcoin multisig, but with complete transaction privacy. An observer cannot tell whether any given Monero transaction used multisig or not.

Common Multisig Configurations

2-of-2

Both parties must agree. Used for: joint accounts, payment channels, simple escrow between two trusted parties. Risk: if one key is lost, funds are permanently locked.

2-of-3 (Most Common)

Any two of three parties. Used for: P2P trading escrow, shared treasury, inheritance. If one key is lost or compromised, the other two can recover funds. This is the gold standard.

3-of-5

Majority consensus. Used for: DAO treasury, organizational funds, high-security cold storage. Tolerates up to 2 compromised or lost keys.

N-of-N

All must agree. Used for: atomic operations that require unanimous consent. Risk: a single uncooperative or lost keyholder blocks all spending.

2-of-3 Multisig in P2P Trading (Haveno)

This is the most common use of Monero multisig. When you trade XMR for EUR on Haveno (RetosSwap, DawnSwap), every trade uses a 2-of-3 multisig wallet:

How the Escrow Works

Trade initiated. The buyer, seller, and arbitrator each contribute one key to create a shared 2-of-3 multisig address.
Funds locked. The seller's XMR + both parties' security deposits are sent to the multisig address. Neither party can touch them alone.
Fiat payment. The buyer sends EUR (cash by mail, bank transfer, etc.) to the seller.
Normal completion. Once the seller confirms payment received, buyer and seller co-sign (2 of 3 keys) to release XMR to the buyer and deposits back to both parties.
Dispute. If there's a disagreement, either party opens a dispute. The arbitrator reviews evidence and co-signs with the honest party (2 of 3 keys) to resolve it.

Key insight: The arbitrator can never steal funds alone — they only hold 1 of 3 keys. They can only co-sign with one of the trading parties. This is why 2-of-3 is fundamentally safer than centralized escrow where the platform holds all the money.

Haveno Security Deposits

Platform	Deposit	Fees	Arbitration
RetosSwap	15% of trade	0.6% total	RoundTheRoses (24-48h)
DawnSwap	5% of trade	~2% total	Anonymous team (24/7)

Both deposits lock in multisig when the trade starts. If a party doesn't follow through (griefing), the arbitrator can award the honest party both deposits. This economic incentive discourages bad behavior.

Use Cases Beyond P2P Trading

Shared Treasury / Team Wallet

A project or organization uses a 2-of-3 or 3-of-5 multisig wallet for its XMR treasury. No single team member can run off with the funds. Spending requires consensus from the minimum threshold of keyholders.

Inheritance Planning

Create a 2-of-3 multisig wallet where you hold 2 keys (one hot, one in a safe deposit box) and your heir holds 1 key. During your lifetime, you control the funds with your 2 keys. After death, your heir combines their key with the one from the safe deposit box to access the funds. No lawyer, no probate, no KYC.

Cold Storage with Recovery

Store funds in a 2-of-3 multisig wallet where keys are distributed across geographically separate cold storage locations. If one location is compromised (theft, fire, natural disaster), the other two can recover funds. This is strictly superior to single-key cold storage for large holdings.

Business Payments

A business uses multisig to require two executives to approve large payments. Prevents unauthorized spending while maintaining Monero's privacy. The company's payment structure is invisible on the blockchain.

How to Set Up a 2-of-3 Multisig Wallet

Important: As of March 2026, Monero multisig setup requires monero-wallet-cli (command line). GUI wallets like Feather Wallet can view multisig balances but cannot create or sign multisig transactions. Haveno automates the entire process behind the scenes — traders never touch CLI commands.

Prerequisites

3 participants, each with monero-wallet-cli installed
An encrypted communication channel (Signal, Session, PGP email) for exchanging key files
Each participant creates a fresh wallet: monero-wallet-cli --generate-new-wallet multisig_alice

Round 1: Prepare Multisig Info

1 Each participant runs prepare_multisig in their wallet CLI. This outputs a multisig info string (starts with MultisigV1...).

2 Share your info string with the other 2 participants via encrypted channel. Each person should receive 2 info strings (one from each other participant).

Round 2: Make Multisig

3 Each participant runs: make_multisig 2 <info_from_participant_2> <info_from_participant_3>. The 2 means "2 signatures required." This outputs another info string.

4 Share the new info strings again (Round 2 exchange). Each person should receive 2 new strings.

Round 3: Finalize

5 Each participant runs: finalize_multisig <info_round2_p2> <info_round2_p3>. The wallet now shows the shared multisig address.

6 Verify: All 3 participants should see the same address. If they don't, something went wrong — start over.

The wallet is ready. Send XMR to the shared address. To spend, 2 of 3 participants must cooperate: one creates a transaction (transfer), exports it (export_multisig_info), sends to the co-signer, who imports (import_multisig_info) and signs (sign_multisig), then broadcasts (submit_multisig).

Spending from Multisig

# Participant A (initiator):
export_multisig_info multisig_a_info
# Share multisig_a_info → Participant B

# Participant B:
import_multisig_info multisig_a_info

# Participant A creates the transaction:
transfer <destination_address> <amount>
# Saves unsigned TX file → share with Participant B

# Participant B co-signs:
sign_multisig <unsigned_tx_file>
# Outputs signed TX → broadcast

# Participant B submits:
submit_multisig <signed_tx_file>

After Spending: Sync Key Images

After any transaction, all participants must exchange key images to keep balances in sync:

# Each participant:
export_multisig_info my_key_images
# Share with all other participants

# Import from others:
import_multisig_info key_images_from_p2 key_images_from_p3

Common Mistakes

Using 2-of-2 When 2-of-3 Is Better

With 2-of-2, losing one key = permanent fund loss. With 2-of-3, you survive one key loss. Always prefer 2-of-3 unless you have a specific reason for unanimous consent.

Exchanging Keys on Unencrypted Channels

Multisig info strings are sensitive. Sending them over Discord DMs, unencrypted email, or public chat compromises the security model. Use Signal, Session, or PGP.

Forgetting Key Image Sync

After every spending transaction, all participants must exchange updated key images. If you skip this, wallet balances become inaccurate and future transactions may fail.

Storing All Keys in One Location

The entire point of multisig is distributing trust. If all 3 keys are on the same computer or in the same room, you've gained nothing over a standard wallet. Distribute keys geographically.

No Backup Plan for Key Loss

If you're using 2-of-3, losing 2 keys locks the funds forever. Each participant should back up their key (seed phrase) on paper or metal in a secure location. Same cold storage best practices apply.

Mixing Up Multisig Rounds

The key exchange has strict ordering (prepare → make → finalize). Importing info from the wrong round corrupts the wallet. Label everything clearly: "Round 1 from Alice", "Round 2 from Bob."

Current Limitations (March 2026)

CLI-only setup. No GUI wallet supports full multisig creation and signing. Feather Wallet has partial support (viewing). This will improve over time.
Interactive signing. Each spending operation requires manual file exchange between participants. Not suitable for high-frequency transactions.
N-1 setup rounds. A 2-of-3 wallet requires 2 rounds of key exchange. A 3-of-5 requires 4 rounds. More participants = more setup complexity.
FCMP++ impact. The upcoming FCMP++ upgrade will require changes to multisig internals. The user-facing process (key exchange, signing) is expected to remain similar, but wallet software will need updates. Haveno will handle this automatically.
No hardware wallet support. You cannot use a Trezor or Ledger as a multisig participant. All keys must be on software wallets (hot or air-gapped).

When to Use Multisig vs Alternatives

Scenario	Best Option	Why
P2P trading (XMR ↔ EUR)	Haveno (automated 2-of-3)	Zero effort — multisig is handled behind the scenes
Casual trade with known party	Direct transfer (no multisig)	Trust is sufficient; multisig adds unnecessary complexity
High-value trade with stranger	Manual 2-of-3 + trusted arbitrator	When Haveno isn't available or trade size exceeds platform limits
Team/DAO treasury	3-of-5 multisig	No single member controls funds; survives 2 compromised keys
Inheritance	2-of-3 (you hold 2, heir holds 1)	You control funds during life; heir recovers after death
Maximum cold storage	2-of-3 + air-gapped + metal seed backup	Survives single-point failures: fire, theft, hardware death
Quick storage	Standard wallet with seed backup	Simplest. Good for amounts you can afford to lose to a single point of failure.

Trade with Multisig Escrow

I trade XMR ↔ EUR with multisig escrow available on every trade. Cash by Mail (EU-wide) and Face-to-Face (SW Germany: Frankfurt, Stuttgart, Mannheim, Heidelberg, Karlsruhe, Freiburg, Strasbourg). 683 trades, 454 partners, 100% feedback.

Contact: Telegram @arnoldnakamura • Signal: +7578818677 • XMRBazaar

Previously chingchongfalung on LocalMonero/AgoraDesk (verified on Wayback Machine).