Squads: From Zero to the Multisig Protocol Securing $10B on Solana (Part 1)
Phoebe Duong
Author

Squads started at the Solana Season Hackathon 2021 as a mobile-first governance app. After recognizing the urgent need for on-chain security and decentralized asset management, the team pivoted to build a multisig protocol, which has now become a core infrastructure layer for Web3 organizations.

Today, Squads is the standard multisig wallet on Solana. Hundreds of DAOs, venture funds, and DeFi projects like Helium, Jito, and Pyth trust it.
They use it to manage millions of dollars in on-chain assets. Secured value exceeds $10B across 300+ teams, including $2B in stablecoins. Its journey proves that success in Web3 doesn’t come from luck but from listening to users and adapting to real needs.

If you’ve ever searched for:
- What is a multisig wallet?
- How do DAOs manage their treasury on Solana?
- Why are multisig wallets essential for on-chain security?
Then the story of Squads Protocol is a perfect example of how a smart pivot can turn a simple hackathon project into a trusted Web3 infrastructure. Their journey highlights how solving real problems in smart contract security and private key management can transform a hackathon project into an indispensable protocol.
If you’re interested in how Web3 companies adopt self-custody or multisig wallets, you can also read Why Fintech Companies Should Choose MPC Wallets to Go On-Chain to understand the difference between multisig and MPC in real-world enterprise use.
What You Will Learn From This Article
- Product Overview: The key features that make Squads more advanced than traditional multi-sig wallets - a foundational tool for Decentralized Autonomous Organizations (DAOs) - and how it redefines the concept of a smart account on Solana through on-chain smart contracts and policy-based automation.
- Building Trust and Credibility: The role of formal verification, audits, and open-source transparency in securing smart contracts and safeguarding private keys, making Squads one of the most trusted protocols in the Solana ecosystem.
- Insights for Web3 Builders: Practical lessons for founders and developer teams building DAO-friendly on-chain products - from smart contract design and user experience to long-term brand positioning.
What Is Squads and Why It Became the Standard for Web3 Builders

Squads Protocol is a native multi-sig wallet protocol on Solana that allows multiple users to manage and secure on-chain assets transparently and collaboratively across different blockchain networks.
It helps Decentralized Autonomous Organizations (DAOs), funds, and Web3 startups protect their treasuries from single points of failure while enabling enterprise-level asset governance with permissions, spending limits, and approval workflows.
Unlike traditional multi-sig wallets such as Safe (on Ethereum) or Goki (on Solana), Squads is natively built for Solana, offering faster speed, lower fees, and seamless integration with dApps. Even non-technical users can create a self-custody wallet in just a few minutes, with no coding required.
With the philosophy “Build infrastructure people have to use, not speculate on,” Squads avoids hype and token releases, focusing instead on security, user interface, and organizational control. This practical approach has made it the benchmark for on-chain DAO treasury management, trusted by major projects like Pyth, Drift, Jito, Helium, Helius, and Raydium.
If you’re looking for the best multi-sig wallet on Solana or a safe way to handle DAO treasury management in a decentralized organization, Squads is the case study every Web3 builder should learn from.
Core Features and Competitive Advantages of Squads
At first glance, Squads might look like any other multi-sig wallet on Solana. But when you start using it, you’ll realize it’s redefining what multisig means - not just securing assets, but enabling decentralized organizations to operate as efficiently as traditional companies.
1. Smart-Account Abstraction: From Basic Multisig to Programmable Smart Accounts
Earlier solutions like Goki or Serum Multisig mostly stopped at the simple “X-of-Y signatures” model. With Squads Protocol, multisig evolves into a smart contract-powered smart account - a programmable structure that lets teams set roles, spending limits, time locks, and custom approval rules, similar to how banks or fintech companies manage internal permissions.

Examples:
- The founder has the final approval right for transactions.
- The treasury manager can withdraw only up to 5,000 USDC per day.
- Large transactions are time-locked for 24 hours for review and verification.
This approach turns Squads into the standard for on-chain treasury governance on Solana, where security and efficiency coexist instead of conflicting.
Read more: Multisig vs MPC Wallets: Which Is the Safer Custody Solution?. That article explains how MPC wallets (like Fystack) extend the same on-chain governance principles as Squads but in a more decentralized and self-hosted way.
2. User Experience: The Most Intuitive Multisig Wallet on Solana
If you’ve ever used Safe (formerly Gnosis Safe) on Ethereum, you’ll know that traditional multisig wallets can be developer-centric - too many steps, too many signatures, and too much room for confusion. Squads takes the opposite route: fast, native, and human-friendly, designed for teams that don’t necessarily have developers.

The Squads v4 release introduced a completely redesigned user interface:
- Create a multisig wallet with just a few clicks - no CLI required.
- Approvals are displayed with clear visual workflows, easy for operations or marketing teams to understand.
- Comes with SquadsX Extension Wallet, enabling users to sign transactions directly on dApps like Raydium, Jupiter, or Drift without moving funds to an external wallet.
While Safe still requires a new browser tab for transaction review, SquadsX executes approvals within the same interface, providing a smooth, personal-wallet-like experience with full organizational control.
3. Security and Trust: The First Formally Verified Program on Solana
On Ethereum, Safe earned trust through extensive audits. On Solana, Squads went even further - it became the first formally verified smart contract on the network. This means that instead of relying only on human audits, Squads’ logic has been mathematically proven to be correct.
Squads has an open-source codebase. OtterSec and the Solana Foundation audit it carefully. Because of this, Squads became known for security and transparency. It quickly became the main multi-sig wallet for DAOs and funds running their treasury management processes.

In practice, this means that if a project needs to upgrade its smart contracts, deployment can only occur with multisig consensus, eliminating the single point of failure risk.
Examples:
- Jito uses Squads multisig to manage upgrades to their programs.
- Other major Solana projects (like Pyth and Helium) also list Squads among their trusted multisig solutions for on-chain operations.
Key takeaway: For critical modules like code upgrades or large treasury management, embedding them within a multisig structure is now the industry standard for security and transparency.
4. Scalability and Integrability: Extending Workflows Beyond Asset Storage
Most multisig wallets (such as Goki or Safe) stop at storing assets and signing transactions. Squads takes it further by integrating multisig functionality across the entire operational workflow of a dApp.

With SquadsX, token-holding members of a DAO can stake SOL, swap tokens, or provide liquidity directly from their multisig wallet without transferring funds externally. This is particularly valuable for decentralized organizations in Vietnam or Southeast Asia, where fund approval processes can be complex.
Squads simplifies approval flows, minimizes errors, and enhances transparency across blockchain networks.
The Sub-Accounts feature allows teams to divide funds by purpose - for example, Payroll, R&D, Marketing, or Operations - each with its own permissions and spending limits.
This structure resembles how traditional enterprises manage multi-department treasuries, creating a full DAO treasury management system. Safe and Goki do not currently support this system natively.
Fystack offers a similar layer of real-time monitoring for MPC wallets, ensuring organizations don’t miss critical on-chain transactions - similar to how Squads tracks multisig activity: MPC Wallet Monitoring – Real-Time Alerts
5. Practical Flexibility: Spending Limits and the Balance Between Security and Speed
The Squads v4 update introduced Spending Limits, allowing specific members to withdraw funds up to a preset amount without requiring full multisig approval, while still remaining under collective control.
Example:
A Web3 project using Squads to store USDC collected from users often needs to off-ramp funds to its Circle enterprise account. If every transaction required multiple signatures, operations would slow down significantly.
Instead, the team can set a daily spending limit, allowing one authorized member to withdraw within that limit safely. Similarly, when paying vendors or recurring expenses, assigning small spending permissions keeps operations smooth without compromising security.
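The following Rust model is an added example, not code from Squads or from this article. It combines the daily spending limit described above with the founder approval and 24-hour time lock from section 1; the type names, member labels, and the `large_amount` cut-off are assumptions.

```rust
// Added example modelling the article's rules; hypothetical names, not Squads code.
use std::collections::HashSet;

pub const DAY: u64 = 86_400; // seconds
#[derive(Debug, PartialEq)]
pub enum Decision { Execute, NeedsApprovals, NeedsFounder, TimeLocked(u64) }
pub struct SpendingLimit { member: &'static str, per_day: u64, spent: u64, window_start: u64 }

impl SpendingLimit {
    pub fn new(member: &'static str, per_day: u64) -> Self { Self { member, per_day, spent: 0, window_start: 0 } }
    /// Debits the limit and returns true only if `who` may spend `amount` at `now`.
    pub fn try_spend(&mut self, who: &str, amount: u64, now: u64) -> bool {
        if who != self.member { return false; }
        if now >= self.window_start + DAY { // new UTC day: reset the counter
            self.window_start = now - now % DAY;
            self.spent = 0;
        }
        // checked_add: an overflowing sum must fail closed, not wrap under the cap.
        match self.spent.checked_add(amount) {
            Some(total) if total <= self.per_day => { self.spent = total; true }
            _ => false,
        }
    }
}

pub struct Proposal { pub amount: u64, pub created_at: u64, pub approvals: HashSet<&'static str> }
pub struct Policy {
    pub members: HashSet<&'static str>, pub threshold: usize, pub founder: &'static str,
    pub lock_secs: u64, pub large_amount: u64, // assumed cut-off for "large"; the article gives none
}

impl Policy {
    /// Full multisig path for spends that fall outside a spending limit.
    pub fn evaluate(&self, p: &Proposal, now: u64) -> Decision {
        // Only approvals from current members count toward the threshold.
        let valid = p.approvals.intersection(&self.members).count();
        if valid < self.threshold { return Decision::NeedsApprovals; }
        if !p.approvals.contains(self.founder) { return Decision::NeedsFounder; }
        let unlock = p.created_at.saturating_add(self.lock_secs);
        if p.amount >= self.large_amount && now < unlock { return Decision::TimeLocked(unlock); }
        Decision::Execute
    }
}

fn main() {
    let mut limit = SpendingLimit::new("treasury_manager", 5_000);
    println!("{}", limit.try_spend("treasury_manager", 4_000, 10));
}
```

The limit path never bypasses collective control: anything the limit rejects has to go through `Policy::evaluate`, where the threshold, the founder's approval, and the time lock all still apply.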
Key takeaway:
Features like Spending Limits represent a “middle ground” in Web3 treasury design, balancing internal control with speed - a critical factor for fast-growing organizations that use governance tokens to coordinate decisions.
Read more: DEK-KEK – The Industry Standard to Protect Highly Sensitive Data | Fystack Blog. It explores how key encryption mechanisms in MPC architecture offer a similar model of granular access control, much like Spending Limits in Squads.
Challenges and Limitations of Multisig Wallets
While multisig has become the security standard for on-chain organizations, it is not a universal solution for every situation. Some technical challenges still remain:
- Approval latency: Time locks or multiple-signature requirements can delay transactions during emergencies.
- Higher operational costs: Interactions require more on-chain actions compared to individual wallets, especially when multiple signers operate under network congestion.
- Complex UX: For non-technical DAO members or small product teams, multisig workflows can still feel unintuitive.
- Limited cross-chain capability: Expanding from Solana to ecosystems like Ethereum, Sui, or Avalanche requires solving governance and inter-chain verification challenges.
Squads has proven its strength within the Solana ecosystem, but to become a multichain standard, it must tackle interoperability and governance issues at scale.
Finally, trust, the foundation of Squads’ success, is also its biggest vulnerability. A critical security flaw, or lack of transparency during incidents, could erode years of credibility. This is not just a Squads problem; it’s the universal challenge for all Web3 infrastructure protocols.
The evolution of on-chain asset management on the Solana blockchain doesn’t stop at traditional multisignature wallets. While multisig wallets ensure that multiple members co-sign transactions, policy-based governance introduces programmable rules that define when, how, and under what conditions a transaction can occur - effectively automating DAO treasury management and Solana wallet operations.
Imagine this logic replacing manual approvals:
“Block any transaction above $500 without finance team approval.”
“Allow token swaps only within whitelisted pools.”
“Pause all treasury operations while a DAO vote is active.”
This model makes on-chain organizations safer and more autonomous, reducing human error while aligning closer to real-world governance.
It’s the natural next step beyond multisig - from manual approvals to programmable, conditional control.
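The three quoted rules written as composable checks, in an added Rust example that is not Fystack or Squads code. Every rule runs, any single violation blocks the transaction, and the full list is returned for the audit trail. The types, the pool names, and the `finance_approved` flag are assumptions.

```rust
// Added example: hypothetical types modelling the three quoted rules; not Fystack or Squads code.
pub enum Action { Transfer, Swap { pool: &'static str } }

pub struct Tx { pub action: Action, pub usd_value: u64, pub finance_approved: bool }

// Organization state the rules read; whitelist entries are constructed sample names.
pub struct OrgState { pub dao_vote_active: bool, pub pool_whitelist: Vec<&'static str> }

// A rule returns the reason it blocks the transaction, or None if it has no objection.
pub type Rule = fn(&Tx, &OrgState) -> Option<&'static str>;

fn pause_during_vote(_: &Tx, s: &OrgState) -> Option<&'static str> {
    if s.dao_vote_active { Some("paused: DAO vote active") } else { None }
}

fn finance_approval_over_500(tx: &Tx, _: &OrgState) -> Option<&'static str> {
    if tx.usd_value > 500 && !tx.finance_approved { Some("above $500 without finance approval") } else { None }
}

fn swaps_only_in_whitelisted_pools(tx: &Tx, s: &OrgState) -> Option<&'static str> {
    match tx.action {
        Action::Swap { pool } if !s.pool_whitelist.contains(&pool) => Some("pool not whitelisted"),
        _ => None,
    }
}

pub const RULES: [Rule; 3] = [pause_during_vote, finance_approval_over_500, swaps_only_in_whitelisted_pools];

/// Runs every rule and returns all violations; an empty list means the transaction may proceed.
/// Deny overrides: one violation is enough to block, and the complete list is kept for review.
pub fn violations(tx: &Tx, s: &OrgState) -> Vec<&'static str> {
    RULES.iter().filter_map(|rule| rule(tx, s)).collect()
}

fn main() {
    let state = OrgState { dao_vote_active: false, pool_whitelist: vec!["SOL-USDC"] };
    let tx = Tx { action: Action::Swap { pool: "UNKNOWN-POOL" }, usd_value: 900, finance_approved: false };
    println!("{:?}", violations(&tx, &state));
}
```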
Perspective from Fystack: The Future of Policy-Based Control
At Fystack, we view this as the natural evolution of Web3 asset management infrastructure, where security, automation, and scalability converge.
Multisig solves the problem of human coordination, while policy-based control extends it into safe automation.
Fystack is built on MPC, which stands for Multi-Party Computation. This technology splits private keys across multiple parties. Fystack includes a programmable rule engine. This engine lets wallets automatically execute transactions under predefined logic.
This setup reduces operational mistakes and internal risks. It also keeps decentralization.
Rather than replacing multisig, Fystack enhances organizational governance by enabling smarter, more autonomous, yet transparent operations - staying true to the core values of Web3.
This philosophy also underpins Fystack Ignite, an open-source, self-hosted digital asset custody platform that lets teams deploy secure infrastructure with a single command.
It represents the next wave of programmable governance, now being adopted across Solana and beyond, moving toward a future where on-chain control truly belongs to the user.
Lessons from Squads and the Road Ahead
For teams building on-chain asset products or DAO governance tools, the journey of Squads offers valuable lessons:
- Listen closely to user feedback, especially from non-technical teams.
- Treat security as a core feature, not an afterthought.
- Evolve governance from manual approval (multisig) to policy-based control.
As Squads continues to serve as the organizational multisig standard on Solana - securing smart contract operations and shared treasuries across DAOs - a new chapter is unfolding: how product-led principles turned this foundation into one of the strongest go-to-market stories in Web3.
Read Part 2: “Squads: How Product-Led Growth Redefined Go-To-Market on Solana” - exploring how the team scaled trust, adoption, and ecosystem impact without tokens or hype.
Fystack builds on this foundation with a policy-based governance engine that automates on-chain asset management and enforces rules at the protocol level - without ever exposing private keys.
Together, these innovations represent the next generation of Web3 infrastructure - one designed to enhance organizational security and enable self-operating, intelligently governed entities.


