Original multisig-code.fc allows malefactor to drain funds out of the wallet by submitting multiple order messages to smart contract.
Setting limit of unconfirmed order submitted by one party allows to avoid the situation when one compromised private key leads to total draining of funds from the contract. Each orders signed with the root key increments the counter for this key, so when the limit is reached external messages get reverted. As soon as number of signatures for any order is reached and transaction is processed this counter is reset for all the parties.
fift -s generate-key.fif <signature-index> [<wallet-name>]
<signaure-index> index on the signature in range 1 to N
<wallet-name> the file name for the wallet
<wallet-name>.pub<signature-index>
<wallet-name>.pk<signature-index>
fift -s generate-key.fif 1 new
Generates new.pk1 and new.pub1 new.pub1 is a public key that is shared and used for creating initial state for the wallet
When all N pub keys are collected one of the parties generates bag of cells containing the code and initial state for the multi-wallet contract.
fift -s multi-wallet.fif <workchain> <k> <n> <max-requests> [<wallet-name>]
<workchain> - workchain id
<k> - number of signatures enough to confirm and perform transaction request
<n> - total number of signatures. <wallet-name>.pub1 ... .pubn files must be located in the same folder
<max-requests> - maximum number of orders submitted by one party
<wallet-name> the file name for the wallet
multi-wallet-code.fif
<wallet-name>.pub<1..n>
<wallet-name>-init.boc
fift -s multi-wallet.fif 0 10 16 3 new
Shows bounceable and Non-bounceable address. Some Grams shouls be transferred to bouncable address to deploy the contract. It also displays hexadecimal string with the content of initial transaction. Generates new.addr - address of the wallet, new-init.boc - bag of cells containing code and initial state for the wallet. Content of this file or hexadecimal message mentionel above should be sent to TON blockchain to deploy initialized smart contract.
Any of parties create request
fift -s multi-wallet-request.fif <wallet-name> <dest-addr> <seqno> <amount> <validity> [-B <body-boc>]
<wallet-name> - name of the wallet
<dest-addr> - destination address
<seqno> - internal current seqno, used for faster access, not sent to smart contract
<amount> - amount of grams to sending
<validity> - period in seconds since the moment the request was created
<body-boc> - file with the body of the message to be sent or string
None
<wallet-name>.req<seqno> file containing request message. This file must be shared between parties.
fift -s multi-wallet-request.fif new EQB9w2tPnNCm4cXmlY98+haK3ProhZ4kQLiQGSRCZbTbn3hP 1 11.5 6000 -B TestMe
new.req1
At least K parties should sign request.
fift -s sign-request.fif <signature-index> <seq-no> [<wallet-name>]
<signature-index> - signature index of participants
<seq-no> - internal seqno
<wallet-name> - name of the wallet
<wallet-name>.req<seqno>.sign<signature-index> file that contains signature for the request. This file should be shared to build transaction
<wallet-name>.req<seq-no>
<wallet-name>.pk<signature-index>
fift -s sign-request.fif 1 1 new
new.req1.sign1
When K signature files are collected now it is time to build request and execute transaction.
fift -s multi-wallet-build.fif <seqno> <n> <signature-index> [<wallet-name>]
<seq-no> - sequence number of transaction
<n> - total number of signatures possible. The same n as used for creating the wallet.
<signature-index> - index of the signature used as root signature
<wallet-name> - name of the wallet
<wallet-name>.req<seqno> k number of <wallet-name>.req<seqno>.sign<1..n> request files, <wallet-name>.pk<signanture-index>
<wallet-name>.req<seq-no>.boc
fift -s multi-wallet-build.fif 1 3 2 new
Iterates over available signature files new.req1.sign<1..3> and creates new.req1.boc containing bag of cells for request. If less than 2 are found, request file will be created anyway but transaction will not be validated, request is signed by signature 2.