Multi-Sig

Advanced Feature

The Hyperliquid L1 supports native multi-sig actions in addition to normal L1 actions. This allows multiple private keys to control a single account for additional security. Unlike other chains, multi-sig is available as a built-in primitive on the L1 as opposed to relying on smart contracts.

The multi-sig workflow is described below:

  • To convert a user to a multi-sig user, the user sends a ConvertToMultiSigUser action with the authorized users and the minimum required number of authorized users required to sign an action. Authorized users must be existing users on the L1. Once a user has been converted into a multi-sig user, all its actions must be sent via multi-sig.

  • To send an action, each authorized user must sign a payload to produce a signature. A MultiSig action wraps around any normal action and includes a list of signatures from authorized users.

  • The MutiSigpayload also contains the target multi-sig user and the authorized user who will ultimately send the MultiSig action to the L1. The sender of the final action is also known as the leader of the multi-sig action.

    • When a multi-sig action is sent, only the nonce set of the authorized user who sent the transaction is validated and updated.

    • Similarly to normal actions, the leader address can also be an API wallet of an authorized user. In this case, the nonce of the API wallet is checked and updated.

  • A multi-sig user's set of authorized users and/or the threshold may be updated by sending a MultiSig action wrapping aConvertToMultiSigUser action describing the new state.

  • A multi-sig user can be converted back to a normal user by sending a ConvertToMultiSigUser via multi-sig. In this case, the set of authorized users can be set to empty and conversion to normal user will be performed.

  • Misc notes: A user can be a multi-sig user and an authorized user for another multi-sig user at the same time. A user may be an authorized user for multiple multi-sig users. The maximum allowed number of authorized users for a given multi-sig user is 10.

Important for EVM users: Converting an L1 user to a multi-sig still leaves the EVM user controllable by the original wallet. In general, multi-sig users should not interact with the EVM before or after conversion.

See the Python SDK for code examples.

PreviousOrder bookNextHyperliquid Improvement Proposals (HIPs)

Last updated