I don't really understand the backend of how multisig transactions work. From what I understand, 2 of 3 parties need to sign off on a transaction in order for it to take place. The 3 parties are: customer, marketplace, vendor.
In the event of a marketplace shutdown, the vendor needs to be able to contact the customer on a different channel (I guess they have the person's physical address?) and convince the customer to somehow sign off on the transaction. This sounds like a lot of record keeping.
Why not have the 3 people be: marketplace, vendor/customer, 3rd party? You could find someone neutral (I'd say our amazing reddit mods, but that's a lot of pressure to put on them) who could release funds in the event of a market shutdown.
What element am I missing here?
This is where Timelock transactions come in to play.
EIC provided the vendor and the buyer with a timelock transaction, I can't remember the specifics but the vendors was obviously shorter. Anyhow it was a separate text block provided by the market that would become active as if the market had signed it(They cannot stop this after they provide it even if they exit) after a set period of time, you would broadcast it just as you would a multisig transaction.
The only flaw with this is vendors could just release the funds to themselves whether or not they sent anything out.
I believe I read something about Hansa releasing their private key if they were ever to go down and this was somehow automatic, I'm sure the Hansa reddit account may chime in if they wish to do so.