There are two methods using multi-sigs:
1) Using your public key associated with your Bitcoin address. While the vendor and the admin of the DNM will need to supply their own public key as well (fimilar with this method).
2) 2/x number of multi-sigs (like 2/3). All three parties participate using their public key; the difference is: 2 parties only need to sign the public key (if I am saying this correctly since I am not familiar with this method) in order to release the fund.
Possible scamming attempt:
Vendor will pay commission to vendor(s) to just simply sign the damn public key (like-wise to Admin). This is going to be one hell of a complicated digital heist. This is for the second part of multi-sig (2/x (x amount) signature(s) required).
If the admin is just using the public key itself which is associated with the Bitcoin (no signature), which is Acropolis is doing, they just have to "sweep/swipe" their public key and gets all of the fund.
I am new to this multi-sig thing.
Discuss.
The first one requires a lot of coordination, at that point much easier scams would be available. Once it done a few times it would be very obvious.
I don't understand the second one, maybe you can go into more details