Vultisig: Vault Shares & Resharing

In the Vultisig “multisignature” wallet, the individual vault shares are the signers. When a user first setup a vault, each device will contain its own individualized vault share. E.g. for a 2-of-3 Secure Vault:

The vault shares should be back-up and stored securely separate from the devices. For example, if a user loses his Device A, he can simply obtain a new Device D, import Vault Share 1-of-3 into it, and he is back in business.

Let’s say, instead of importing Vault Share 1-of-3 into Device D, the user instead imported Vault Share 2-of-3 into Device D:

From Vultisig’s point of view, Device D & Device B are now the same signer. Since the 2-of-3 Vault needs two distinct signers to execute a keysign, if the user tries to sign with Device D & Device B, it will not work. The user can sign either with Device D & Device C, or Device B & Device C.

VultiSigner (Fast & Active Vaults)

In a 2-of-2 Fast Vault, or 2-of-3 Active Vault, one of the vault shares is now handled by the VultiSigner, and emailed (with password protection) to the user during vault creation.

2-of-2 Fast Vault:

2-of-3 Active Vault:

Let’s say with a 2-of-2 Fast Vault; the user deleted and reinstalled Vultisig app on his device, but imported Vault Share 1-of-2 (from the VultiSigner email backup) into his device:

In this scenario, the user will not be able to execute any transaction, as there is only one signer available.

The reason that the VultiSigner Vault Share 1-of-2 was emailed to users during vault creation is so that in the event that the VultiSigner service is unavailable, the user can import Vault Share 1-of-2 into an alternate Device B, and thus continue to sign transactions with Device A & Device B.

Reshare

The Vault Reshare function lets the user modify his vault setup: e.g. from a 2-of-2 to a 2-of-3 setup, but retain the same addresses. Some points to consider:

1- Vault resharing needs the threshold consensus from the original vault setup to be present, and to be part of the new vault setup. For example, from a 2-of-2 vault with Device A & Device B, if user wants to reshare into a 2-of-3 vault, both Device A & Device B must participate in the vault reshare:

The user cannot reshare from Device A & Device B -> Device A, C & D, for example. However, if the user do want to use only Device A, C & D in the future, he can import Vault Share 2'-of-3' from the previous example into Device D, and thus have the below setup:

In this example, if Device B still has the Vultisig app (with Vault Share 2'-of-3') installed, that device is still active and can still sign transactions together with Device A or Device C.

2- Notice that after the reshare, the vault shares have changed from 1-of-2 & 2-of-2 to 1’-of-3’, 2’-of-3’ and 3’-of-3’. These old and new vault shares are incompatible with each other, i.e. the user cannot use Vault Share 1-of-2 to sign with Vault Share 2’-of-3’, for example. However, Vault Shares 1-of-2 & 2-of-2 are still active, and can still sign transactions. Users are encouraged to properly delete Vault Shares 1-of-2 & 2-of-2, and re-backup the new Vault Shares 1’-of-3’, 2’-of-3’ and 3’-of-3’ to avoid confusion.

Resharing from a 2-of-2 Fast Vault

Let’s say a user has a 2-of-2 Fast Vault, and would like to change to a 2-of-2 Secure Vault instead. How could he go about it?

1- If the user just simply imports the VultiSigner’s Vault Share 1-of-2 into an alternate Device B, the VultiSigner is still an active part of the vault setup, so this is still a Fast Vault. If Device A is compromised, an attacker can still initiate transactions from this device, and VultiSigner will still sign the transaction.

2- If the user tries to Reshare from his 2-of-2 Fast Vault directly to a 2-of-2 Secure Vault; this is not possible as both the VultiSigner and Device A must participate in the reshare and thus the VultiSigner cannot be removed as a signer via this step.

3- Instead, the user must first Reshare from his 2-of-2 Fast Vault to a 2-of-3 Active Vault:

Then, the user can reshare again from the 2-of-3 Active Vault to a 2-of-2 Secure Vault, using only Device A & Device B during the reshare step:

Again, the user has to be cognizant that if an attacker gains control of Vault Share 2-of-2, he still can drain the funds by signing a transaction together with Vault Share 1-of-2 (which will be signed by the VultiSigner). Similarly, if an attacker gains control of Vault Share 2’-of-3’ or Vault Share 3’-of-3’, he can again drain the funds by signing a transaction together with Vault Share 1’-of-3’ (which will be signed by the VultiSigner, unless it doesn’t meet the preset Transaction Policies which are yet to be implemented).

Therefore, it is always recommended to properly delete all previous vault shares. Or consider creating a fresh Secure Vault (with fresh addresses) and moving funds from previous Fast/Active Vaults to the new Secure Vault, for zero exposure to VultiSigner or risk of previous pre-reshare vault shares.

===

Please feel welcome to join the THORChain University Discord to chat about this topic or any other THORChain interest you may have.

*New!* The Bifröst School: A robust, incentivized,free on-chain learning program that teaches THORChain users everything about its mechanics, design, and features.

Explore THORChain: Website, X, Telegram, Developer Discord.

Explore Maya Protocol, the first friendly fork of THORChain: Website, X, Discord, Telegram.

Decentralized, permissionless, non-custodial, trust-minimized, open-sourced, economically-secured, non-wrapped, native-to-native cross-chain swaps, and savings!