Although Coinbase hasn’t yet fully embraced “multisig” addresses, their latest API update now provides tools for experimenting with the service. The system is still in beta and limited to developers, Coinbase suggested that “a great consumer interface” for multisig is currently in the works. Should the API work as intended, the multisig tool will remove one of the biggest concerns many skeptics and security advocates have about Coinbase. As the company said in the blog post, “Does this put me in control of my Bitcoin? Yes.”
There’s nothing new about multisig addresses, and companies like BitGo and GreenAddress have already made great strides at making the technology usable. Multisig is easy enough to understand in its most basic form: To make a transaction, two of three private keys must agree on all of the details. If a user has one key on a mobile or hosted wallet, and a company like Coinbase has another key with a set of conditions (a price limit, a list of approved merchants, a two-factor-authentication password and so forth), fraud becomes very difficult to pull off because both keys are needed. A third private key, perhaps encrypted and stored securely on an offline format by the account owner, can be used should the wallet service fail, go out of business, or otherwise be unavailable.
The move might also have a major legal implication for Coinbase. If users fully control their wallets, and Coinbase acts merely as a passthrough and transaction approval party to a multisig wallet, it will be difficult for regulators to claim that the company is similar to a bank. If Coinbase doesn’t act like a bank, many of the restrictions and regulations imposed on the banking industry won’t apply. With regulation a major concern in the bitcoin industry, the multisig API and likely consumer-level version could play a small-but-important role how in how third-party services are treated under the law.