# Setting Up a THORChain Multisig
To instantiate, store and deploy contracts on Rujira, teams need to setup a multisig on THORChain. There are currently three ways to setup a multisig on THORChain:
1. DAODAO
2. Keplr Multisig
3. Thornode Multisig Key
## 1. DAODAO
The preferred option to setup a multisig is using [daodao.zone](https://daodao.zone/) because it let's teams not just sign off on transactions, but contains a whole library of actions that satisfy all the needs a decentralised team will ever need:
You can create a DAO on DAODAO using this link:
## 2. Keplr Multisig
THORChain is available on [Keplr Wallet](https://www.keplr.app/) and hence [Keplr Multisig](https://multisig.keplr.app/), allowing teams to create simple multisigs to sign off on THORChain transactions:
You can create a Keplr Multisig using this link:
Consider using only individual Keplr wallets that are connected to Ledger hardware wallet to add an extra level of security to the Keplr Multisig.
## 3. Thornode Multisig Key
This guide walks you through the complete process of creating and using a multisig wallet on **THORChain**, including the installation of `thornode`, setting up the multisig key, generating and signing transactions, and finally broadcasting them.
This guide has been prepared with love by the [AutoRujira](https://autorujira.app/) team :heart:
### Special Instructions for macOS Users
If you're on macOS, you may encounter issues with default versions of tools like `awk`, `sed`, and `find`, which are not GNU-compliant. To fix this:
1. Install the GNU versions of the required utilities using Homebrew:
```bash
brew install coreutils binutils diffutils findutils gnu-tar gnu-sed gawk grep make
```
2. Add the GNU versions to your `PATH`. Add the following lines to your shell config (`~/.zshrc` or `~/.bash_profile`):
```bash
# GNU utils for macOS
export PATH="/usr/local/opt/coreutils/libexec/gnubin:$PATH"
export PATH="/usr/local/opt/findutils/libexec/gnubin:$PATH"
export PATH="/usr/local/opt/gnu-sed/libexec/gnubin:$PATH"
export PATH="/usr/local/opt/gawk/libexec/gnubin:$PATH"
```
Then run:
```bash
source ~/.zshrc # or source ~/.bash_profile
```
3. Update Go to the required version (at least Go 1.23.4):
```bash
brew upgrade go
```
Verify with:
```bash
go version
```
Once all is set up, you're good to go with `make install`.
***
### Prerequisites
Each member of the multisig must:
* Have access to a local terminal.
* Install `thornode`.
* Share their public key with the group.
* Be able to sign and submit transactions individually.
***
### Step 1: Install `thornode`
Install the Thorchain CLI binary on your machine:
```bash
git clone https://gitlab.com/thorchain/thornode.git
cd thornode
TAG=mainnet make install
```
> This installs the `thornode` binary in your `$GOPATH/bin`. Make sure it's in your system path.
***
### Step 2: Generate and Share Public Keys
Each participant should create a new key (if they don't already have one):
```bash
thornode keys add
```
Then export your **public key**:
```bash
thornode keys show -p
```
Share this public key with all other members.
To import a public key shared by another participant, use:
```bash
thornode keys add --pubkey
```
Once you have everyone's pubkeys imported, you can create the multisig key.
***
### Step 3: Create the Multisig Key
Each participant must **locally** create the multisig key with the same set of public keys and threshold:
```bash
thornode keys add --multisig= --multisig-threshold=
```
Example:
```bash
thornode keys add multisig-xx --multisig=pubkey1,pubkey2,pubkey3 --multisig-threshold=2
```
> ⚠️ This must be done **identically by all participants**.
***
### Step 4: Generate the Transaction (Only Once)
One participant prepares a transaction to send 1 RUNE and exports it to JSON (leave some RUNE for paying the fee):
```bash
thornode tx bank send 1000000000rune --generate-only --chain-id thorchain-1 > tx.json
```
This transaction file is then shared with all multisig participants.
***
### Step 5: Each Participant Signs the Transaction
Each participant signs the transaction using their own key and the multisig key:
```bash
thornode tx sign tx.json \
--from \
--multisig \
--node https://rpc.ninerealms.com:443 \
--chain-id thorchain-1 \
--output-document sig-.json
```
Everyone sends their `sig-.json` file to the coordinator.
***
### Step 6: Combine Signatures and Broadcast
One person aggregates the signatures and broadcasts the final signed transaction:
```bash
thornode tx multi-sign tx.json sig-1.json sig-2.json ... --chain-id thorchain-1 --node https://rpc.ninerealms.com:443 > signed.json
thornode tx broadcast signed.json --chain-id thorchain-1 --node https://rpc.ninerealms.com:443
```
***
### Final Step: Test It
Once the multisig address is finalized and funded, you can test the setup by executing a multisig transaction that sends 1 RUNE to a known address as shown above.
***
### Summary
* Every member installs `thornode`, generates their key, and shares the pubkey.
* All members must create the same multisig locally.
* One person creates the transaction; everyone signs.
* The final signed transaction is broadcast by one member.
* The process ensures **security and collective review** before execution.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.rujira.network/developers/setting-up-a-thorchain-multisig.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.