Multisig Accounts and Inner Transactions

I am trying to do the following steps:

  1. create a normal Algorand account
  2. create a smart contract
  3. rekey the normal account to the smart contract
  4. create a multi-sig account (1/2 threshold), where one account is the normal one and one account is the smart contract address
  5. send transactions using either the normal account or inner transactions through the smart contract

Is this possible?

Hi @javier0rosas,

No, is not possible, since MultiSig accounts consider purely public/secret key pairs, and not Algorand accounts associated to those public keys. Rekeying has no effect, since Rekey deals with Accounts.

1 Like

What is the difference between an account and public/secret key pairs? I thought a public key was basically an account.

Quote from here:

“Accounts are entities on the Algorand blockchain associated with specific on-chain local sate. An Algorand Address is the unique identifier for an Algorand Account.”.

I really recommend to have a look at this section of the documentation: Overview - Algorand Developer Portal

On a theoretical level, all the potential public/secret keys pairs “already exists” mathematically, we just keep discovering them as we inject entropy into the Ed25519 high-speed, high-security elliptic-curve signatures.

The result of Ed25519 is basically a copule of sequences, 32 bytes each, that are then “transformed” in what we usually call: Algorand Address (associated to the 32 bytes of the public key) and Algorand Mnemonic (associated to the 32 bytes of the secret key). Note that this operation has no interaction with the Algorand blockchain itself, you can keep generating as many public/secret key pairs as you wish, even being disconnected from the Internet.

The association between an Algorand Address and an Algorand Account only happens with the very first “primordial” funding of the Algorand Address with a minimum balance (0.1 ALGO), by which the whole Consensus Protocol becomes aware of your existence as Algorand Account from now on.

Algorand Account’s actions can be authorise in 3 different ways:

  1. As Single Signature Account (by a public/secret key)
  2. As Multi Signature Account (by a threshold of different public/secret keys)
  3. As Smart Signature or Smart Contract Account (by TEAL logic)

When you Rekey, you rekey an Algorand Account, not an Algorand Address: you are not really “decoupling” a public key from its secret key, you are just changing account’s authorisation. You can think of Rekey as a way to “declare” to the whole Consensus Protocol that, from now on, this Algorand Account, identified by this Algorand Address, must be authorised by:

  1. Another Single Signature Account
  2. Another Multi Signature Account
  3. Another Smart Signature or Smart Contract Account

This new association is stored in Account’s on-chain local state.