Multi-Signature Accounts
The Aptos Rust SDK supports multi-signature accounts that require multiple parties to authorize a transaction. This is useful for shared custody, organizational wallets, and governance scenarios where no single party should have unilateral control.
MultiKeyAccount
A MultiKeyAccount implements an M-of-N threshold signing scheme that supports mixed cryptographic key types. You can combine Ed25519, Secp256k1, and Secp256r1 keys in a single account. This is the recommended approach for multi-signature accounts.
Creating a Multi-Signature Account
To create a MultiKeyAccount, generate the individual key pairs first, then combine their public keys with a signing threshold:
```rust
use aptos_sdk::account::{
    Ed25519Account, Secp256k1Account, MultiKeyAccount, AnyPublicKey,
};

// Generate signers with different key types
let ed25519_signer = Ed25519Account::generate();
let secp256k1_signer = Secp256k1Account::generate();
let ed25519_signer_2 = Ed25519Account::generate();

// Create a 2-of-3 multi-key account with mixed key types
let multi_key_account = MultiKeyAccount::new(
    vec![
        AnyPublicKey::Ed25519(ed25519_signer.public_key().clone()),
        AnyPublicKey::Secp256k1(secp256k1_signer.public_key().clone()),
        AnyPublicKey::Ed25519(ed25519_signer_2.public_key().clone()),
    ],
    2, // signatures_required
)?;

println!("Multi-key address: {}", multi_key_account.address());
```

In this example, any two of the three signers can authorize a transaction. The signatures_required parameter must be between 1 and the total number of public keys (inclusive). Signers can use any supported key type (Ed25519, Secp256k1, or Secp256r1), allowing one signer to use a software wallet while another uses a hardware device with different cryptographic capabilities.
Signing with a MultiKeyAccount
When signing a transaction, you provide the individual signers that will participate. The number of signers must meet or exceed the threshold:
```rust
// Sign with ed25519_signer and secp256k1_signer (2-of-3 threshold met)
let signature = multi_key_account.sign_with_signers(
    &message,
    vec![&ed25519_signer, &secp256k1_signer],
)?;
```

MultiEd25519Account (Legacy)
A MultiEd25519Account implements an M-of-N threshold signing scheme restricted to Ed25519 keys only. If you need to interact with an existing on-chain multi-sig account that was created with MultiEd25519, you can load it as follows:
```rust
use aptos_sdk::account::{Ed25519Account, MultiEd25519Account};

// Generate three individual signers (all must be Ed25519)
let signer_1 = Ed25519Account::generate();
let signer_2 = Ed25519Account::generate();
let signer_3 = Ed25519Account::generate();

// Create a 2-of-3 multi-signature account
let multi_account = MultiEd25519Account::new(
    vec![
        signer_1.public_key().clone(),
        signer_2.public_key().clone(),
        signer_3.public_key().clone(),
    ],
    2, // signatures_required
)?;
```

Signing works the same way as MultiKeyAccount:
```rust
// Sign with signer_1 and signer_3 (2-of-3 threshold met)
let signature = multi_account.sign_with_signers(
    &message,
    vec![&signer_1, &signer_3],
)?;
```
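
The threshold rules described above (signatures_required between 1 and the number of keys, and enough signers to meet it) can be checked locally before any signing call. This is an added example, not code from the Aptos SDK: `ThresholdPolicy`, `PolicyError`, and `KeyBytes` are hypothetical stand-ins. Rejecting duplicate keys and counting each signer only once are assumptions stricter than what the page states.

```rust
use std::collections::BTreeSet;

// Stand-in for a serialized public key (hypothetical; not an aptos_sdk type).
type KeyBytes = Vec<u8>;

#[derive(Debug, PartialEq)]
pub enum PolicyError {
    ThresholdOutOfRange { required: usize, total: usize },
    DuplicateKey,
    UnknownSigner,
    BelowThreshold { distinct: usize, required: usize },
}

// Local model of an M-of-N policy, used only for pre-flight checks.
pub struct ThresholdPolicy { keys: Vec<KeyBytes>, required: usize }

impl ThresholdPolicy {
    pub fn new(keys: Vec<KeyBytes>, required: usize) -> Result<Self, PolicyError> {
        // The page's rule: 1 <= signatures_required <= number of public keys.
        if required < 1 || required > keys.len() {
            return Err(PolicyError::ThresholdOutOfRange { required, total: keys.len() });
        }
        // Assumption: reject a repeated key, which would give one holder two of the N slots.
        let distinct: BTreeSet<&KeyBytes> = keys.iter().collect();
        if distinct.len() != keys.len() {
            return Err(PolicyError::DuplicateKey);
        }
        Ok(Self { keys, required })
    }

    // Returns the sorted key indices that would sign, counting each key once.
    pub fn check_signers(&self, signers: &[KeyBytes]) -> Result<Vec<usize>, PolicyError> {
        let mut indices = BTreeSet::new();
        for s in signers {
            let i = self.keys.iter().position(|k| k == s).ok_or(PolicyError::UnknownSigner)?;
            indices.insert(i);
        }
        if indices.len() < self.required {
            return Err(PolicyError::BelowThreshold { distinct: indices.len(), required: self.required });
        }
        Ok(indices.into_iter().collect())
    }
}

fn main() {
    // Constructed sample keys: three one-byte stand-ins in a 2-of-3 policy.
    let policy = ThresholdPolicy::new(vec![vec![1], vec![2], vec![3]], 2).unwrap();
    println!("{:?}", policy.check_signers(&[vec![1], vec![1]])); // same signer twice
    println!("{:?}", policy.check_signers(&[vec![3], vec![1]])); // two distinct signers
}
```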