cashubtc · thesimplekid · Aug 19, 2025 · Jun 23, 2025 · Jul 10, 2025
diff --git a/11.md b/11.md
@@ -150,30 +150,45 @@ Here, `||` denotes string concatenation. The `B_` of each output is **a hex stri
 
 ### Multisig
 
-If the tag `n_sigs` is a positive integer, the mint will require valid signatures from `n_sigs` public keys contained in the `Secret.data` field and the `pubkeys` tag.
+Cashu offers two levels of multi-signature protection: `Locktime MultiSig` and `Refund MultiSig`, which are activated depending on the status of the proof's `locktime` tag.
+
+#### Locktime MultiSig
+
+> [!NOTE]
+> Locktime Multisig conditions only apply if the `locktime` tag is not present, or is a timestamp in the future.
+
+If the `pubkeys` tag is present, the `Proof` is spendable only if a valid signature is given by at least ONE of the public keys contained in the `Secret.data` field or the `pubkeys` tag.
+
+If the `n_sigs` tag is a positive integer, the mint will require at least `n_sigs` of those public keys to provide a valid signature.
 
 If the number of public keys with valid signatures is greater or equal to the number specified in `n_sigs`, the transaction is valid. The signatures are provided in an array of strings in the `P2PKWitness` object.
 
+Expressed as an "n-of-m" scheme, `n = n_sigs` is the number of required signatures and `m = 1 (data field) + len(pubkeys tag)` is the number of public keys that could sign.
+
 > [!CAUTION]
 >
 > Because Schnorr signatures are non-deterministic, we expect a minimum number of unique public keys with valid signatures instead of expecting a minimum number of signatures.
 
-Expressed as an "n-of-m" scheme, `n = n_sigs` is the number of required signatures and `m = 1 (data field) + len(pubkeys tag)` is the number of public keys that could sign.
-
-### Locktime
+#### Locktime
 
 If the tag `locktime` is the unix time and the mint's local clock is greater than `locktime`, the `Proof` becomes spendable by anyone, except if the following condition is also true.
 
 > [!NOTE]
 > A `Proof` is considered spendable by anyone if it only requires a `secret` and a valid signature `C` to be spent (which is the default case).
 
-#### Refund public keys
+#### Refund MultiSig
+
+If the `locktime` tag is in the past and the `refund` tag is present, the `Proof` is spendable only if a valid signature is given by at least ONE of the `refund` pubkeys.
+
+If the `n_sigs_refund` tag is present, the mint will require at least`n_sigs_refund` of the `refund` pubkeys to provide a valid signature.
 
-If the `locktime` is in the past and a tag `refund` is present, the `Proof` is spendable only if valid signatures are given by the `refund` pubkeys. The
+> [!CAUTION]
+>
+> Because Schnorr signatures are non-deterministic, we expect a minimum number of unique public keys with valid signatures instead of expecting a minimum number of signatures.
 
 #### Complex Example
 
-This is an example `Secret` that locks a `Proof` with a Pay-to-Pubkey (P2PK) condition that requires 2-of-3 signatures from the public keys in the `data` field and the `pubkeys` tag. If the `timelock` has passed, the `Proof` becomes spendable with a single signature from the public key in the `refund` tag. The signature flag `sigflag` indicates that signatures are necessary on the `inputs` and the `outputs` of the transaction this `Proof` is spent by.
+This is an example `Secret` that locks a `Proof` with a Pay-to-Pubkey (P2PK) condition that requires 2-of-3 signatures from the public keys in the `data` field and the `pubkeys` tag. If the `timelock` has passed, the `Proof` becomes spendable with a single signature from ONE of the two public keys in the `refund` tag. The signature flag `sigflag` indicates that signatures are necessary on the `inputs` and the `outputs` of the transaction this `Proof` is spent by.
 
 ```json
 [
@@ -187,7 +202,8 @@ This is an example `Secret` that locks a `Proof` with a Pay-to-Pubkey (P2PK) con
       ["locktime", "1689418329"],
       [
         "refund",
-        "033281c37677ea273eb7183b783067f5244933ef78d8c3f15b1a77cb246099c26e"
+        "033281c37677ea273eb7183b783067f5244933ef78d8c3f15b1a77cb246099c26e",
+        "02e2aeb97f47690e3c418592a5bcda77282d1339a3017f5558928c2441b7731d50"
       ],
       [
         "pubkeys",