Multi-signature (multisig) Bitcoin custody requires more than one private key to authorise any transaction. A standard 2-of-3 setup means two separate keys must sign before a single satoshi moves. No single person, institution or device can act alone. That is what makes it the gold standard for securing significant Bitcoin holdings.
| Point | What it means |
|---|---|
| Single-key risk | One key is one point of failure. Lose it, have it stolen or be coerced and your Bitcoin is gone. |
| 2-of-3 multisig | Any two of three keys can sign a transaction. One compromised key cannot move funds. |
| Key separation | Keys are generated separately, never combined and stored in different physical locations. |
| Inheritance planning | A documented recovery protocol means heirs can access Bitcoin through a proper process, not guesswork. |
| Institutional governance | Multisig satisfies segregation-of-duties requirements. No single person can act unilaterally. |
The problem with a single private key
A standard Bitcoin wallet uses one private key. Control that key and you control everything in the wallet. Lose it and access is gone forever. That simplicity is appealing at the start. Over time, as the Bitcoin balance grows, it becomes a serious vulnerability.
Single-key custody has four failure modes. The key can be lost through accident: a fire, a flood, a hardware failure with no backup. It can be stolen: physically from a safe or digitally from a compromised device. It can be taken by coercion: someone who knows you hold Bitcoin forces you to transfer it. Finally, if you die without clear documented instructions, your heirs may have no way to access the funds at all.
Each of these failure modes ends in the same outcome: permanent loss. Multisig addresses all four.
How a 2-of-3 multisig structure works
In a 2-of-3 multisig setup, three private keys are generated. Any two of the three can authorise a transaction. None of the three keys is ever combined with another during normal operation. They are created separately and stored in separate physical locations.
A typical arrangement for a South African investor using SimplB’s vault looks like this. Key one sits with the client on a hardware wallet kept in a home safe. Key two is held by SimplB as the CASP-licensed custodian. Key three is held independently by a third party in a separate jurisdiction. To move Bitcoin, two of these three parties must sign the transaction.
To steal the Bitcoin, an attacker must compromise two keys at the same time: the client’s physical hardware wallet and the institutional custodian, for example. That is a substantially harder target than a single key. To lose access accidentally, the client would need to lose both their own key and all knowledge of the recovery paths. To take the Bitcoin by force, someone would need to coerce two separate key holders simultaneously.
Key generation and storage discipline
The security of multisig depends entirely on the keys never being combined or stored together. If all three keys end up in the same place at any point, the multisig structure collapses to a single point of failure.
Each key is generated on a separate hardware device. The seed phrases are backed up separately, typically on steel backup plates rather than paper. Each backup is stored in a different physical location. The client’s key might be in a home safe. The institutional key is in a professional custody facility. The third-party key is in a different city or country entirely.
This geographic and institutional separation is not overcaution. It is the basic requirement for the security model to hold. SimplB walks every client through this setup process and documents the configuration for future reference.
Inheritance planning built into the vault setup
Bitcoin has a well-documented inheritance problem. Many holders die without clear instructions, leaving significant wealth permanently inaccessible. Heirs know Bitcoin exists but cannot access it. Courts and lawyers cannot help because there is no institution to petition.
SimplB builds a documented inheritance protocol into every vault setup. The protocol specifies which keys exist, where each is stored, how a nominated heir contacts the relevant key holders and what verification steps apply. This is not a letter with a seed phrase. It is a structured process designed so that a designated person can access the Bitcoin through proper channels without the security model being compromised while you are alive.
The vault service treats estate planning as a core requirement, not an afterthought. It is one of the most important conversations SimplB has with new clients.
Why multisig satisfies institutional governance requirements
Institutional investors, family offices and professional trustees face governance requirements that single-key custody cannot meet. A standard requirement is segregation of duties: no single person should have unilateral control over significant assets. In traditional finance, this is achieved through dual authorisation, maker-checker processes and co-signatory requirements on bank accounts.
Multisig delivers the same control structure for Bitcoin natively. No investment committee member, trustee or director can move funds alone. Any transaction requires agreement from two key holders. This satisfies the governance standards that institutions already apply to their other assets and makes Bitcoin custody compatible with existing oversight frameworks.
For South African family offices and trusts exploring Bitcoin, the security structure SimplB uses is designed to fit within these requirements from the outset. Speak to a Bitcoin specialist to understand how it maps to your specific governance obligations.
Frequently asked questions
What is multisig Bitcoin custody?
Multisig (multi-signature) custody requires more than one private key to authorise a Bitcoin transaction. In a 2-of-3 setup, three keys exist and any two must sign before funds move. No single key holder can act alone. This removes the single point of failure that makes standard single-key custody vulnerable to loss, theft or coercion.
Who holds the three keys in SimplB’s vault?
In SimplB’s standard 2-of-3 structure, the client holds one key on a personal hardware wallet. SimplB holds a second key as a CASP-licensed custodian. A third key is held independently by another institution in a separate location. All three keys are generated separately and never stored together. You retain meaningful control: you and SimplB can always transact with your two keys.
What happens if I lose one of the keys?
Losing one key in a 2-of-3 multisig setup does not mean losing your Bitcoin. The other two keys are still sufficient to sign transactions and move funds to a new wallet. This is one of the core advantages of multisig over single-key custody. You can then generate a replacement key and restore the full three-key structure.
How does inheritance work with a multisig vault?
SimplB builds a documented inheritance protocol into every vault setup. A designated heir follows a specific process to contact the key holders, verify identity and access the Bitcoin. The documentation is stored with your estate planning records. It is designed so that heirs have a clear path without compromising the security structure while you are alive.
Is multisig suitable for individual investors or only institutions?
Multisig is appropriate for any Bitcoin holder where the value at stake justifies the additional setup. As a guide, most SimplB clients start considering multisig once their Bitcoin position exceeds R500,000 in value. Below that, a well-set-up hardware wallet with a properly secured seed phrase is usually sufficient. Above it, the single-key risk becomes material enough to warrant a more resilient structure.
Sources
- Bitcoin Whitepaper by Satoshi Nakamoto: the technical foundation for Bitcoin’s transaction signing model that makes multisig possible
- Financial Sector Conduct Authority (FSCA): CASP custody standards that FSCA-licensed providers must meet, including for institutional custody arrangements
- Fidelity Digital Assets: institutional research on multisig custody structures and best practices for significant Bitcoin holdings
- The Bitcoin Standard by Saifedean Ammous: background on Bitcoin’s properties as a bearer asset and the implications for custody and self-sovereignty
Ready to get your Bitcoin position right?
SimplB helps South African investors buy and hold Bitcoin properly. A short call is a good place to start.
Talk to a Bitcoin SpecialistWritten by James Caw, Founder of SimplB. James has helped South Africans understand, buy and secure Bitcoin since 2015. SimplB operates as a Juristic Representative of CAEP Asset Managers, FSP 33933. Last updated: May 2026.
This article is for general educational purposes only and does not constitute financial, legal, tax or exchange control advice. The information reflects the regulatory position as at the date of publication. Your individual circumstances may differ and you should seek qualified professional advice before making any decisions.
