I don't mean creating a chain of multisig addresses directly on M/x'. I mean deriving subkeys from several different users M/x', that would be used to create an address.
I would ask 3 users (in a 2-of-3 escrow transaction) to give me an extended key for M/x' when they register.
So I could get M/1' from one users, M/34' from another, and M/9' from another. By giving me a key for an unused wallet chain, I can derive keys for receiving coin and signing. I don't necessarily have to use the internal one for creating signing keys.
Say it's their first transaction on the site. Generate M/1'/1/0, M/34'/1/0, M/9'/1/0 and create a multisig address from it.
The next time they transact, it would be generated from M/1'/1/1, M/34'/1/1, M/9'/1/1, and so on.
I have some code up here to go through an example of generating a multisig address using 3 different wallets keys. A chain of multisig addresses can be derived for each user.
https://github.com/Bit-Wasp/multisig/blob/master/application/controllers/examples.php#L48-96(I need to look into an issue in this code, one of the final public keys generated in this example is being rejected by Bitcoind. It passes the test vectors put up on github, so not sure how this arose but I'll try update soon)
The output of this transaction could be to the address generated by first users M/1'/0/0, if the first user was receiving the funds. This time it's on the external chain. In fairness I could just keep popping from the external branch, a new child key each time.
There's a wallet called haskoin which allows you to create a wallet chain, M/0' like what I'm doing here, but that it is partially seeded. It supplies one key, you supply the other one/two/etc keys as needed. Each address in the chain is a new one derived from each of these keys. This should be interesting software when it's complete!
