Multi-Party Computation (MPC) 101

Intro to MPC

MPC has been a big topic in cryptography since the 80s (pioneered by Andrew Yao), and has more recently been applied to digital assets. It remained mostly in academic and theoretical realms until computing power and algorithmic improvements in the 2000s made it possible to put it into practice.

https://www.researchgate.net/figure/Millionaires-problem_fig1_320290997

Relevance to Key Management

When it comes to crypto wallets, one of the biggest issues today is how easy it is to lose or give away seed phrases. The seed phrase becomes a single point of compromise.

Axelar Network: Security Measures

Related: Threshold Digital Signatures

A threshold signature scheme (TSS) requires a threshold of at least m out of n parties to produce a signature, thereby removing the need to trust a single entity. This protocol can be combined with MPC to require a minimum number of signatures to approve a message.

Multi-sig vs. MPC

The difference between multi-sig and MPC is where the keys live. In MPC, one key is split up into multiple shares held by multiple parties, whereas each party in a multi-sig has its own private key. For a multi-sig transaction to succeed, a minimum threshold of signers needs to approve it.
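To make the contrast concrete, the following added example (not from the original article or from any product named in it) sketches m-of-n threshold signing with Shamir shares and Schnorr signatures: any 2 of 3 share holders produce one signature that verifies against one public key, and the full private key is never reassembled during signing. Assumptions: a toy group (P, Q, G), a trusted dealer in place of distributed key generation, all parties simulated in one process, and no nonce-commitment round; all function names are illustrative.

```python
import hashlib
import math
import secrets

# Toy group constructed for this example (far too small for real use):
# P = 2*Q + 1, both prime; G generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4

def deal_shares(secret, m, n):
    """Shamir-split `secret` into n shares, any m of which determine it."""
    coeffs = [secret] + [secrets.randbelow(Q - 1) + 1 for _ in range(m - 1)]
    return {i: sum(c * pow(i, e, Q) for e, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def lagrange_at_zero(i, signers):
    """Weight of party i's share when interpolating the polynomial at 0."""
    num = den = 1
    for j in signers:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def challenge(R, msg):
    digest = hashlib.sha256(str(R).encode() + b"|" + msg).digest()
    return int.from_bytes(digest, "big") % Q

def threshold_sign(shares, signers, msg):
    """Combine per-party partial signatures; the full key is never rebuilt."""
    nonces = {i: secrets.randbelow(Q - 1) + 1 for i in signers}  # one per party
    R = math.prod(pow(G, k, P) for k in nonces.values()) % P  # only G^k_i shared
    c = challenge(R, msg)
    partials = [(nonces[i] + c * lagrange_at_zero(i, signers) * shares[i]) % Q
                for i in signers]             # each term uses one party's secrets
    return R, sum(partials) % Q

def verify(pub, msg, sig):
    R, s = sig
    return pow(G, s, P) == R * pow(pub, challenge(R, msg), P) % P

def demo(msg=b"constructed sample transaction"):
    key = secrets.randbelow(Q - 1) + 1        # known only to the dealer here
    pub = pow(G, key, P)                      # the single public key
    shares = deal_shares(key, m=2, n=3)
    return all(verify(pub, msg, threshold_sign(shares, pair, msg))
               for pair in ([1, 2], [1, 3], [2, 3]))

if __name__ == "__main__":
    print("any 2 of 3 shares sign for one public key:", demo())
```

A verifier sees a single ordinary signature and a single public key, whereas a multi-sig verifier checks one signature per signer key.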

https://docs.gnosis-safe.io/introduction/the-programmable-account/eoas-vs.-contract-accounts

Multi-sig example: Gnosis Safe

The Gnosis Safe allows users to define a list of owner accounts and a threshold of minimum signatures required to confirm a transaction. When the threshold is reached, a Safe transaction can be executed.

https://gnosis-safe.io/static/df5a5bc44d16189df7e6b1cc9556a685/bc8e0/multisig.png

MPC In Use

Fireblocks

Serving 1300 large institutional players, Fireblocks offers a platform for digital asset custody that involves MPC wallets, token issuance/management, as well as access to DeFi. Its customers include banks, exchanges, lending desks, hedge funds, market makers, and other institutions.

ZenGo

ZenGo creates two key shares, one stored on your mobile device and the other on the ZenGo server. This means that ZenGo cannot access your funds. To transact, users initiate a process in which the server and device shares sign the transaction without revealing either party’s secret to the other.

https://zengo.com/a-deep-dive-into-zengo-guaranteed-access-solution/

Coinbase

Coinbase is launching a way for users to explore dApps without having to manage a recovery phrase, using MPC to split up the key between users and Coinbase.

Conclusion

We are still in the early innings of MPC, but it is becoming a compelling choice for securing digital assets in a way that preserves user experience while avoiding the storage of an entire private key online, offline, or in a physical device (single point of compromise).

Sources & Further Reading

Deeper dives

Julia Wu

Building things. Prev. engineering at Brex, Apple, MSFT. More at juliawu.me