From Zero to One: How Teams Use KeyPal to Manage a Multisig Treasury (Secure Workflow)
1. Tutorial Objectives
Create an EVM contract multisig wallet address in TokenPocket (EVM used as example; BTC/Tron/Solana and other heterogeneous chains are also supported);
Add multiple KeyPal 2 hardware wallet addresses as Owners and complete collaborative multisig signing in subsequent transactions.
This setup fits team treasuries, project fund management, and family shared custody: it avoids single private-key risk by distributing authorization across multiple people/devices. EVM multisig is essentially smart-contract-based multisig, so on-chain gas is required at creation.
TokenPocket multisig is based on Gnosis Safe / Safe{Wallet}. You can recover the current multisig contract address in Safe or any wallet compatible with the Safe protocol, and continue multisig management.
2. Prerequisites
Latest TokenPocket App installed
At least 2–3 available signing addresses (preferably held by different people)
Some addresses should come from KeyPal 2 hardware wallets (recommended)
1 wallet address to pay deployment gas (can be a hot wallet)
Clear multisig parameters in advance (e.g., 2/3, 3/5)
EVM multisig supports configurable Owners (up to 30) and minimum confirmations; creation is an on-chain contract action and requires gas.
3. Key Concepts
1) Owners
The set of management/signing addresses for the multisig wallet. You can add on-chain addresses exported from KeyPal 2 as Owners.
2) Threshold
Minimum number of confirmations required. For example:
2/3: any 2 of 3 Owners can execute
3/5: any 3 of 5 Owners can execute
3) Transaction Queue
A multisig transaction is not executed immediately after initiation. It enters a queue first, then executes after reaching the signature threshold.
Hands-on Steps (EVM Contract Multisig)
Step 1: Open multisig wallet creation
Open TokenPocket → top-right “Wallet” → “Multisig Wallet”.
Step 2: Choose EVM chain
Select the chain where you want to deploy multisig (e.g., Ethereum / BNB Chain / Arbitrum / Base). Prefer the chain where your main treasury assets are located to reduce cross-chain ops complexity.
Step 3: Configure multisig parameters
Fill in:
Multisig wallet name: local display only, not on-chain
Owners: add multiple signing addresses (include KeyPal 2 addresses here)
Minimum confirmations: e.g., 2/3, 3/5
Payer wallet: address used to pay deployment gas
Step 4: Generate and create
After confirming details, create multisig and complete the on-chain transaction. Once confirmed, you get a contract multisig address (your team treasury address).
Add KeyPal 2 addresses into multisig
Option A: Add during creation (recommended)
In Step 3, put KeyPal 2 addresses directly into Owners. After creation, those addresses are native signing members.
Option B: Add after creation via management
Enter multisig wallet details → Management → submit “Add/Replace Owner” proposal. This proposal also follows multisig flow and takes effect after threshold signatures.
How to sign with KeyPal 2
Standard signing flow (transfer example):
Any Owner initiates a transaction (transfer/contract call);
Transaction enters queue (Pending);
Other Owners confirm one by one;
KeyPal 2 holder verifies on hardware and signs (via BLE/QR based on your setup);
Once threshold is met, transaction is executed on-chain.
Parameter Recommendations
Small Team (3 people)
Owners: 3
Threshold: 2 (2/3)
Good for: balance of efficiency and security
Core Treasury (5 people)
Owners: 5
Threshold: 3 (3/5)
Good for: medium-to-large pools
High-Value Vault
Owners: 5–7
Threshold: 4 or above
Combine with: at least 2 KeyPal 2 addresses + geographically separated custody
Security Best Practices
Do not place all Owners on the same device type (mix hot wallets and hardware wallets)
Keep KeyPal 2 devices under different custodians; avoid one person controlling multiple keys
Use two-step execution for large transfers: small test first, then formal transaction
Verify before every signature: destination address, amount, chain, gas
Reserve one emergency Owner for device failure/personnel changes
Avoid N/N thresholds (e.g., 3/3), otherwise losing 1 key may permanently lock funds
Last updated