Multisig Implementation in Mobile Crypto Wallet

Implementing Multisig in Mobile Crypto Wallet

Multisig on mobile — not just "need N of M signatures." It's coordination between devices or people, managing signing state, storing pending transactions, and UX where user understands where they are. Stack and complexity depend on what exactly "multisig" means.

Two Completely Different Approaches

Smart contract multisig (Safe/Gnosis). Contract checks N signatures before execution. Transaction stored in contract as pending. Each signer independently approves via approveHash. Simple solution for team wallet. Mobile app — client to Safe Transaction Service API (safe-transaction-service), which stores pending-transactions offchain.

MPC (Multi-Party Computation). Private key never physically assembled in one place. Each party stores key shard, signature generated jointly via GG20 or CGGMP21 protocols (Threshold ECDSA). Complex implementation, no onchain trace, works with any contract.

For consumer wallets often need MPC (1 shard on device, 1 on server — 2-of-2 scheme protecting from device theft). For corporate — Safe 3-of-5.

Implementing Safe Multisig on Mobile

Integration via Safe{Core} SDK:

import { SafeFactory, SafeAccountConfig } from '@safe-global/protocol-kit'

const safeAccountConfig: SafeAccountConfig = {
  owners: [owner1Address, owner2Address, owner3Address],
  threshold: 2,
}

const safeFactory = await SafeFactory.create({ ethAdapter })
const safe = await safeFactory.deploySafe({ safeAccountConfig })

For signing pending transaction:

const safeTransaction = await safe.createTransaction({
  transactions: [{ to, data, value }]
})

const txHash = await safe.getTransactionHash(safeTransaction)
const signature = await safe.signTransactionHash(txHash)

await safeTxService.proposeTransaction({
  safeAddress, safeTransactionData: safeTransaction.data,
  safeTxHash: txHash, senderSignature: signature.data
})

Second signer gets push notification, sees transaction details, confirms with their signature. When N collected — app sends executeTransaction.

MPC: Implementing Natively

For 2-of-2 scheme (phone + server) use open-source libraries: tss-lib (Go), multi-party-ecdsa (Rust). On mobile — native module (Swift/Kotlin) with Rust bindings via UniFFI or C FFI.

Keygen — one-time message exchange between device and server via WebSocket. Result: each party gets shard, stores locally, full key never exists anywhere.

Transaction signature: interactive signing round (2–4 round-trips), takes 200–500ms with good connection. Acceptable, but show progress.

Managing Pending Transactions in UI

List transactions with statuses: pending_signatures (how many of N collected), ready (can execute), executed, rejected. Each transaction — details: recipient address, amount, call data (decoded if ABI known). Notify signers via FCM/APNs.

Process

Audit requirements: Safe vs MPC, signer count, notification flow. Safe integration — 1–2 weeks (SDK + Safe Transaction Service + UI). MPC with native libraries — 1–3 months (keygen, signing, correctness testing, security audit). Custom pricing.