💡 The Plain-English Definition
Single-signature custody means one key controls your Bitcoin — simpler, with lower recovery complexity. Multisig means multiple keys are required — eliminates single points of failure, but adds coordination and backup complexity. Choosing between them is one of the most important security decisions a self-custodying Bitcoin holder makes.
🤔 But Why Though?
Single-sig is the default and the right starting point for most people. One seed phrase (the 12 or 24 word master backup for a Bitcoin wallet), one hardware wallet (a dedicated device that stores private keys offline), one backup location. The security model is simple: keep the seed phrase safe and private, and your Bitcoin is secure. The risk is equally simple: one point of failure — if the seed phrase is lost, stolen, or destroyed, the Bitcoin is gone or stolen.
Multisig eliminates that single point of failure. A 2-of-3 configuration (requiring any 2 of 3 keys to sign a transaction) means an attacker must compromise two separate keys to steal, and you must lose two separate keys to permanently lose access. This is genuinely more secure for large holdings — but the complexity cost is real. Each key requires its own seed phrase backup. The wallet also requires a descriptor backup (a file recording exactly how the keys were configured together — without it, recovery from seed phrases alone is extremely difficult). Signing a transaction requires coordinating two hardware devices. Recovery is more involved. The threshold question — when to graduate from single-sig to multisig — is personal and depends on the amount at risk, your technical comfort level, and your willingness to manage the additional backup complexity. A common guideline: single-sig is appropriate until the amount you hold would materially change your life to lose. At that threshold, the security improvement of multisig justifies its complexity. Many experienced Bitcoiners use a tiered approach: small amounts in single-sig for active use, larger savings in multisig cold storage.
🌍 The Real-World Analogy
Single-sig is like a single-key safe: simple, reliable, one point of failure. Multisig is like a bank vault requiring two officers with different keys: no single person can open it alone, which dramatically raises the bar for theft, but every opening requires both keyholders to be available and cooperating. The right choice depends on what you’re protecting and how much coordination overhead you can manage.
⚡ So What?
Start with single-sig done correctly: hardware wallet, seed phrase backed up in two separate locations, passphrase if appropriate. Get comfortable with that before adding multisig complexity. When your holdings grow to the point where the downside of single-sig failure is genuinely significant, research 2-of-3 multisig setups using hardware wallets from different manufacturers (so a firmware vulnerability in one doesn’t affect all three keys). The key is progressing through security tiers deliberately rather than jumping to complexity you’re not ready to manage.