Multisig

This guide offers an overview of the multisig program.
Multisig
The multisig will be used to govern program and IDL upgrades for Serum Programs, including the multisig itself. 
You can access multisig at: http://multisig.projectserum.com/​
For now, the multisig being used on the mainnet is this address:
3uztpEgUmvirDBYRXgDamUDZiU5EcgTwArQ2pULtHJPC
The program-derived-address (i.e. the "authority" representing this multisig) is:
2bXuJdSb4AeAZTBY8NDtYnSbxXGjgjkMHw9dPS9gjK9r
Smart Contract Source: https://github.com/project-serum/multisig​
UI Source: https://github.com/project-serum/multisig-ui​
Brief snippet on how the program works: https://github.com/project-serum/multisig#multisig​
​
Purpose
The primary motivation for the multisig is to manage program upgrades, but in order to use a multisig, the proper tooling must be in place: 
(1) A multisig program 
(2) Deterministic, verifiable builds 
(3) A way for multisig holders to use the program (i.e. verify an upgrade against source, compiled bytecode, and then execute the upgrade)
Addressing (1): You can find the multisig repo here: https://github.com/project-serum/multisig​
Addressing (2) is done with by building inside the docker image https://hub.docker.com/repository/docker/projectserum/build here. Programs written in the Anchor can easily leverage this with the anchor build --verifiable and anchor verify <program-id>  commands.

Addressing (3) is done with the UI at https://multisig.projectserum.com.
With this tooling in place, future upgrades by any program can take advantage of them. 
Brief Tutorial
Multisig is unaudited software. Use at your own risk.
1 - Go to http://multisig.projectserum.com/​
​
Welcome screen
2 - Read and accept the pop-up Agreement:
No statement or warranty is provided in relation to the utility of this program, the safety of its code or its suitability for your use, and by using it, you agree to bear any risk associated with such potential vulnerabilities, including, but not limited to the potential loss of tokens.
2A - If you have not done so already, press "CONNECT WALLET" on the upper-right of the page.
​
3 - To create a new multisig account, press on the large plus-sign circle ("+") on the bottom-right of the page.
4 - The New Multisig pop-up menu will appear. Input your desired Threshold and Participant (SPL wallet) address:
New Multisig menu
If the New Multisig menu does not show the right number of Participant fields, try refreshing the page. Be sure to re-connect your wallet.
If you are using sollet.io wallet, be sure to approve every action in the pop-up window or tab!
If you are successful in creating a multisig account, you will see a blue box on the bottom-left saying "Multisig created: [address]".
​
4A - You can learn more about the Signer by pressing on the info circle to the right of the address. You will see the following box:
Multisig Info (Signer) pop-up box
5 - To create a new transaction to be signed by the multisig, press the plus ("+") sign to the right of the address. You will see the following menu:
New Transaction menu when you click the "+" arrow
6 - Upon selecting a new transaction and inputting the relevant fields (e.g. inputting the "Participant" addresses under the "Set owners" option), you will see in the main menu under your multisig address the "APPROVE" and "EXECUTE" buttons.
"APPROVE" signs the transaction on behalf of the participant. "Threshold" participants must first "APPROVE" in order to "EXECUTE" a transaction.
Once the threshold is reached, anyone can "EXECUTE". When you submit a transaction, you automatically "APPROVE".
Last modified 2yr ago