Learn how to set up and use co-signing (multi-sig) wallets with Turnkey.
Co-signing, often referred to as multi-signature (multi-sig), provides an enhanced layer of security for blockchain transactions. It requires approvals from multiple parties before a transaction can be executed. This guide details how to implement a 2/2 co-signing setup using Turnkey, where both the end-user (via passkey) and your application backend (via API key) must approve transactions.
The following diagram illustrates the setup and transaction flow for a co-signing wallet managed by Turnkey and your backend application:
Create a Sub-Organization with Multiple Root Users
To set up a multi-sig wallet in Turnkey, you first need to create a sub-organization with two root users. This sub-organization will function as a separate entity with its own wallet and security settings.
The key configuration here is setting up:
This creates a true multi-sig arrangement where neither party can unilaterally control the wallet. The following code shows how to implement this setup on your backend:
Client-Side Transaction Initiation
When the user wants to sign a transaction using their multi-sig wallet, they need to initiate the process from your frontend application. This step involves:
The transaction won’t be fully signed yet - it will be in a “requires consensus” state until your backend approves it. Here’s how to implement this flow in your frontend:
Backend Activity Approval
Your backend needs an endpoint to receive the activity fingerprint from the frontend and approve it using its own API key.
subOrgId
they are interacting with.