Learn by doing

Walkthroughs that take you from a fresh testnet account to a successful multi-sig ceremony. The HBAR walkthrough below is the canonical example; everything else is a variant — same shape, one piece changed.

You're on the testnet dApp — the right place to follow these walkthroughs. Get a free testnet account at portal.hedera.com.

HBAR walkthrough — the canonical example

~30 minutes end-to-end. CLI signers, CLI coordinator, real multi-sig ceremony, mirror confirmation. The simplest path through the protocol — every variant below changes one piece of this.

  1. 01
    Precheck. Verify operator credentials, balance, and dependencies. (00-precheck.js)
  2. 02
    Generate keys. Three Ed25519 keys, encrypted with a passphrase. Each signer holds one. (01-generate-keys.js)
  3. 03
    Create the threshold account. KeyList(2-of-3) wraps the three public keys. The account is the multi-sig treasury. (02-create-threshold-account.js)
  4. 04
    Start the coordinator. WebSocket server holds session state, broadcasts the frozen tx, collects signatures. (npx hedera-multisig server)
  5. 05
    Sign the ceremony. Coordinator builds + freezes + injects an HBAR transfer. CLI participants review and approve within 120s. (npx hedera-multisig participant)
  6. 06
    Verify. Mirror node confirms the transfer landed. Receipt success isn't enough — the network must externalize. (06-verify-on-mirror.js)
View the full walkthrough on GitHub

Variants

Each variant is the HBAR walkthrough with one piece swapped — signing surface, transaction type, key curve, or coordination model. Skim the line, follow the link if it's the shape you need.

dApp signing
Same ceremony, but signers participate through the public dApp + a Hedera wallet (HashPack, Blade, Kabila) instead of the CLI participant. Best for “what does signing actually feel like for participants?”
Token & NFT transfers
Same shape, different transaction types — HTS fungible transfers, NFT transfers, and token-association ceremonies. Smoke-test for the dApp's non-HBAR transaction-builder paths.
ECDSA keys
Same dApp flow as above, but with secp256k1 (ECDSA) keys instead of Ed25519. Validates the entire stack — coordinator, dApp, CLI, mirror — is genuinely curve-agnostic. Useful when an EVM-native team brings their existing keys.
Smart-contract calls
Deploy as a single-sig EOA, interact normally, then convert the account to 2-of-3 multi-sig and prove single-sig is dead. Adds the EOA→multi-sig migration story plus multi-sig increment() and withdraw() ceremonies.
Scheduled signing
No 120-second window — HIP-423 async signing over hours, days, or up to ~62 days. Each signer signs on their own time; the network executes when the threshold is met. The pattern for cross-timezone treasury teams.
Agent automation
Replaces a human signer with a headless agent driven by composable policy rules — amount limits, recipient allowlists, time windows. Same ceremony shape, different signer. Showcase for the Agent Signing SDK.

Prerequisites

  1. Get a testnet account at portal.hedera.com (free; auto-funded with ~10,000 ℏ).
  2. Clone the repo from github.com/lazysuperheroes/hedera-multisig and run npm install.
  3. Copy .env.example to .env and set OPERATOR_ID + OPERATOR_KEY.
  4. Run node 00-precheck.js in the walkthrough directory — verifies env, balance, and dependencies.

Deeper reading

Architecture, threat model, and decision recipes — the documents that go beyond the demo. For teams choosing whether this is the right multi-sig solution.