Multi-sig

Advanced Feature

HyperCore supports native multi-sig actions. This allows multiple private keys to control a single account for additional security. Unlike other chains, multi-sig is available as a built-in primitive on HyperCore as opposed to relying on smart contracts.

The multi-sig workflow is described below:

• To convert a user to a multi-sig user, the user sends a ConvertToMultiSigUser action with the authorized users and the minimum required number of authorized users required to sign an action. Authorized users must be existing users on Hyperliquid. Once a user has been converted into a multi-sig user, all its actions must be sent via multi-sig.

• To send an action, each authorized user must sign a payload to produce a signature. A MultiSig action wraps around any normal action and includes a list of signatures from authorized users.

• The MutiSig payload also contains the target multi-sig user and the authorized user who will ultimately send the MultiSig action to the blockchain. The sender of the final action is also known as the leader (transaction lead address) of the multi-sig action.

  • When a multi-sig action is sent, only the nonce set of the authorized user who sent the transaction is validated and updated.

  • Similarly to normal actions, the leader can also be an API wallet of an authorized user. In this case, the nonce of the API wallet is checked and updated.

• A multi-sig user's set of authorized users and/or the threshold may be updated by sending a MultiSig action wrapping aConvertToMultiSigUser action describing the new state.

• A multi-sig user can be converted back to a normal user by sending a ConvertToMultiSigUser via multi-sig. In this case, the set of authorized users can be set to empty and conversion to normal user will be performed.

Miscellaneous notes:

• The leader (transaction lead address) must be an authorized user, not the multi-sig account

• Each signature must use the same information, e.g., same nonce, transaction lead address, etc.

• The leader must collect all signatures before submitting the action

• A user can be a multi-sig user and an authorized user for another multi-sig user at the same time. A user may be an authorized user for multiple multi-sig users. The maximum allowed number of authorized users for a given multi-sig user is 10.

Important for HyperEVM users: Converting a user to a multi-sig still leaves the HyperEVM user controllable by the original wallet. CoreWriter does not work for multi-sig users. In general, multi-sig users should not interact with the HyperEVM before or after conversion.

See the Python SDK for code examples.