Vaults are a type of covenant that requires two separate transactions to appear in two different blocks in order for a user to spend money from their wallet. The first transaction signals that someone is attempting to spend the money and gives the user a chance to block the second transaction that completes the spend.
A vault protocol specifies a minimum amount of time or number of blocks that must pass between the two transactions, giving the user that amount of time to notice if someone stole their private key and is attempting to steal their money. If the user detects the theft attempt, most vault designs also allow the user to either send the money to a safe address that uses a more secure script or to permanently destroy the money to prevent the thief from profiting from their attack.
Some vault designs rely on covenants that require consensus changes to Bitcoin. Other vault designs use existing protocol features plus techniques such as signing transactions long in advance of needing them and then destroying the means to sign alternative transactions (either by securely deleting the signing key or by using multisig to ensure multiple independent keys would need to be compromised).
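The delay window described above, as an added example that is not taken from any of the proposals listed on this page: a Python model of the two-transaction flow showing that the owner's chain-monitoring interval has to fit inside the vault delay for recovery to be guaranteed. The `Vault` class, the `simulate` function, the block heights and the fixed-interval watcher are assumptions made for illustration; no real Bitcoin script or transaction is built.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class State(Enum):
    VAULTED = "vaulted"
    UNVAULTING = "unvaulting"   # first transaction confirmed, delay running
    SPENT = "spent"             # second transaction confirmed
    RECOVERED = "recovered"     # owner swept the funds to the safe address


@dataclass
class Vault:
    delay_blocks: int                     # minimum blocks between the two transactions
    state: State = State.VAULTED
    unvault_height: Optional[int] = None

    def start_unvault(self, height: int) -> None:
        if self.state is not State.VAULTED:
            raise ValueError("funds are not in the vault")
        self.state, self.unvault_height = State.UNVAULTING, height

    def spendable_at(self) -> int:
        return self.unvault_height + self.delay_blocks

    def complete_spend(self, height: int) -> None:
        if self.state is not State.UNVAULTING or height < self.spendable_at():
            raise ValueError("delay has not elapsed")
        self.state = State.SPENT

    def recover(self, height: int) -> None:
        if self.state is not State.UNVAULTING:
            raise ValueError("nothing to recover")
        self.state = State.RECOVERED


def simulate(delay_blocks: int, watch_interval: int, unvault_height: int) -> State:
    """Replay an unauthorised unvault against an owner who checks the chain
    every `watch_interval` blocks (constructed heights); return the outcome."""
    vault = Vault(delay_blocks)
    vault.start_unvault(unvault_height)
    for height in range(unvault_height, vault.spendable_at() + 1):
        if height >= vault.spendable_at():
            vault.complete_spend(height)  # conservative: a tie goes to the spender
        elif height % watch_interval == 0:
            vault.recover(height)         # owner noticed inside the delay window
        if vault.state is not State.UNVAULTING:
            break
    return vault.state
```

With a check interval no longer than the delay, every starting height ends in `RECOVERED`; with a longer interval the outcome depends on where the unvault lands relative to the owner's next check.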
Primary code and documentation
- Möser-Eyal-Sirer vault proposal
- Vaults using OP_CHECKSIGFROMSTACK and OP_CAT
- Vaults without changing Bitcoin consensus rules
- Custody Protocols Using Bitcoin Vaults
Optech newsletter and website mentions
- Service proposed for storing presigned vault transactions
- Presentation of the Revault multiparty vault architecture
- Revault: an implementation of multiparty vaults
- Vault prototype written in Python
- OP_CHECKTEMPLATEVERIFY (CTV) workshop discussion: using CTV with vaults
- 2019 year-in-review: vaults without covenants
- Bitcoin vaults without covenants & weaknesses in previous vault proposals