On November 5, 2024, the cryptocurrency community is digesting the lessons from a devastating $53 million hack that exploited weaknesses in how decentralized lending protocol Radiant Capital configured its shared wallet system. With Bitcoin trading at around $69,360 and Ethereum at $2,423, the incident serves as a powerful reminder that understanding how your crypto wallets work — especially shared wallets used by organizations — is essential knowledge for anyone in the space.
This guide breaks down multisig wallets in plain language, explains what went wrong in the recent attack, and shows you what to look for when evaluating whether a protocol’s security setup is adequate.
The Basics
A multisig wallet — short for multi-signature wallet — is a type of cryptocurrency wallet that requires multiple people to approve a transaction before it can be executed. Think of it like a corporate bank account that needs two or more executives to sign a check before the money moves.
In the crypto world, a multisig wallet is defined by two numbers: the total number of people who have signing authority, and how many of them need to sign for a transaction to go through. For example, a “5-of-7” multisig means there are 7 authorized signers, and at least 5 of them must approve any transaction.
The idea is simple but powerful: even if one person’s keys are compromised, an attacker cannot steal the funds because they need additional approvals. This makes multisig wallets far more secure than single-key wallets for organizations, DAOs, and DeFi protocols managing large amounts of user funds.
Why It Matters
The Radiant Capital hack demonstrates exactly why multisig configuration matters. The protocol used an 11-signer multisig that required only 3 signatures to authorize transactions — a “3-of-11” setup. This means an attacker only needed to compromise about 27% of the signers to gain full control of the wallet.
And that is precisely what happened. Attackers deployed sophisticated malware that infected the hardware wallets of three developers, allowing them to manipulate the protocol’s smart contracts and drain approximately $53 million from lending pools on Binance Smart Chain and Arbitrum.
The malware was particularly devious: it manipulated what the developers saw on their screens when they went to sign transactions. The Safe{Wallet} interface appeared normal, and even third-party verification tools like Tenderly showed nothing suspicious. The developers thought they were approving routine operations when they were actually signing away control of the protocol.
After the hack, Radiant Capital reconfigured its multisig to a “4-of-7” setup, meaning an attacker would now need to compromise over 57% of signers — more than double the previous threshold.
Getting Started Guide
If you are evaluating a DeFi protocol or organization that uses a multisig wallet, here are the key questions to ask. First, what is the signer-to-threshold ratio? As a general rule, the approval threshold should represent at least 50% of total signers. A 3-of-5 or 4-of-7 configuration is generally considered reasonable, while a 3-of-11 setup is dangerously weak.
Second, who are the signers? A multisig is only as decentralized as its signers. If multiple signers work in the same office, use the same network, or follow similar security practices, the effective security of the multisig is much lower than the numbers suggest. Look for geographic and operational diversity among signers.
Third, how are transactions verified? The Radiant hack showed that visual verification through wallet interfaces can be compromised. Protocols that implement additional verification layers — such as requiring transactions to be reviewed on independent devices, or implementing time-lock delays that allow for community review — provide stronger guarantees.
Common Pitfalls
The most common mistake in multisig configuration is prioritizing operational convenience over security. A low threshold like 3-of-11 makes day-to-day operations faster because you only need three people to sign off, but it dramatically reduces the security benefit. Always remember that multisig security is not about the total number of signers — it is about the proportion of signers that must agree.
Another pitfall is neglecting the security of individual signers. A multisig wallet does not eliminate the need for strong individual key management. Each signer must maintain rigorous security practices: using hardware wallets, keeping firmware updated, signing transactions only on trusted devices, and being vigilant against phishing and malware attempts.
Finally, many organizations fail to regularly audit and rotate their multisig configurations. As teams change, signers leave, or new threats emerge, the multisig setup should be reviewed and updated accordingly. A configuration that was adequate a year ago may not be sufficient today given the evolving sophistication of attacks.
Next Steps
For beginners, the most important takeaway is that not all multisig wallets are created equal. Before trusting a protocol with your funds, take a few minutes to understand its wallet configuration. Look up the multisig address on a block explorer, check the signer details, and evaluate whether the threshold provides meaningful security. Resources like Safe{Wallet}’s dashboard and DeFi security tracking tools can help you verify these details without needing technical expertise.
The $53 million Radiant Capital hack is an expensive lesson for the entire industry, but it is also a learning opportunity. By understanding the basics of multisig security, you can make more informed decisions about where to deposit your funds and which protocols take security seriously.
Disclaimer: This article is for educational purposes only and does not constitute financial or security advice. Always conduct your own research before interacting with any cryptocurrency protocol.
this should be required reading before anyone deposits into a defi protocol. most people have no idea how the multisig behind their favorite pool is configured
The corporate bank account analogy is perfect. Explaining multisig to my parents was impossible until I used that exact comparison.
the corporate bank account analogy works until someone asks about key rotation. thats where the comparison breaks down and things get complicated fast
Been in crypto since 2017 and I still learned something from the Radiant breakdown. The signing sequence matters as much as the threshold.
^ this. so many protocols use 3-of-5 but never explain what happens when signers get phished. the human element is always the weakest link
the 3-of-5 with two signers phished is exactly what happened to radiant. threshold without operational security is theater
radiant used a 3-of-5 where the attacker compromised 3 signers individually. the math was fine but the operational security was non-existent
vault_ops the operational security angle gets missed every time. 3-of-5 sounds fine until 3 signers use the same infra and one breach gets all 3. threshold math is irrelevant if OPSEC fails
the radiant hack proved that multisig threshold means nothing if signers dont use isolated environments. 3 keys on 3 machines in the same office is just 1 key with extra steps
5-of-7 multisig sounds secure until you learn the Radiant attackers social engineered their way into controlling enough keys. multisig is useless if your signers are the weak link
this is why i keep saying hardware wallets for individuals AND protocol governance should use timelocks. even if all keys are compromised you get a window to react
good guide for beginners. wish i had something this clear back in 2020 when i first started using multisig on Gnosis Safe