Understanding MPC: Secure Multi-party Computation for Crypto Wallets by Utila

These wallets represent a significant leap forward in securing digital assets, offering advanced security mechanisms. Multi-party computation (MPC) is a cryptographic protocol that enables multiple parties to compute a single function based on their individual inputs without any input being revealed to the other parties. https://www.xcritical.com/ MPC wallets are a practical implementation of MPC technology, offering benefits such as security and efficiency of fund transfer.

• Modern cryptography uses math and computation to encrypt and decrypt messages or to guarantee the authenticity of the information.
• This means that transferring digital assets is now more fluid and no compromise is required between security and operational efficiency.
• MPC wallets offer more ease of use for institutions handling large sums of digital assets in a chain of custody under strict compliance requirements for several reasons.
• Whether for everyday transactions, corporate finance, or high-security operations, MPC wallets offer a robust solution in the evolving world of digital assets.
• This ‘Caesar cipher’ utilizes very simple math to demonstrate the concept of encryption.
• This means that the secret key never exists in its entirety in one place at any point in its lifetime.

Learn more about MPC: Threshold Signature Scheme (TSS):

MPC wallets offer Stockbroker increased flexibility by enabling dynamic policies and workflows for managing digital assets. Users can set different thresholds for authorizing transactions depending on various factors such as amount, frequency, destination address and more. Users can modify these thresholds at any time without affecting existing transactions, and create contingency plans in case any of the required parties become unavailable.

Custodial vs. Non-Custodial MPC Wallets

The new total values can then be combined to derive the team’s average salary without anyone having to disclose their specific salary information. The emergence of new threats, such as AI-powered attacks, ransomware and sophisticated breaches, coupled with the rise mpc crypto wallets of cloud computing, remote work and new regulations, call for new roles for CISOs. Traditional security measures, such as encryption and secure storage, are no longer sufficient in the face of sophisticated cyber threats. MPC is what is known as a “keyless” system as it removes the entire concept of a single, complete private key. It is an address that can be publicly shared allowing transactions to be made to it. Robust variants of model predictive control are able to account for set bounded disturbance while still ensuring state constraints are met.

Decoding an Ethereum Transaction

The most popular is SPDZ,[22] which implements MPC with additive secret shares and is secure against active adversaries. They want to find out their average pay without telling each other how much they make. The MPC uses a trick called additive secret sharing to divide the secret between the workers. While MPC wallets can be more efficient than cold wallets, they are potentially still slower to use than other types of online wallets due to the longer transaction times involved in computing multiple signature shards. And like the previous two algorithms, Doerner et al. can’t provide solutions for institutions that are looking to use cold storage in tandem with MPC.

The Lindell et al. Multi-party Computation Algorithm

While the idea behind cryptography can appear simple, the field does include some extremely complex math. In essence, messages are scrambled, or “encrypted,” by a secret recipe (or algorithm) that hides the information contained within it. This way, should the encrypted message be stolen or intercepted by a malicious or non-trusted third party, they will be unable to understand, see or alter the information the message holds. Instead, the only one who can read that message correctly is the one who knows how the message was encrypted and thus holds the key to unscramble, or “decrypt,” it.

By implementing this type of MPC technology, consumer-focused wallets (and institutional services) can securely design an on-chain asset management system that removes the single point of failure of a private key. For example, custodians use MPC-based Web3 wallets to secure digital assets and sign transactions. These wallets split a private key into multiple parts and then use MPC when they want to sign a transaction. Given their enhanced security, privacy, and flexible management capabilities, MPC wallets are suitable for a wide range of users. They cater to privacy-conscious individuals, security-focused organizations, and anyone in between who values the decentralized, collaborative approach to asset management.

The two party setting is particularly interesting, not only from an applications perspective but also because special techniques can be applied in the two party setting which do not apply in the multi-party case. Indeed, secure multi-party computation (in fact the restricted case of secure function evaluation, where only a single function is evaluated) was first presented in the two-party setting. The original work is often cited as being from one of the two papers of Yao;[20] although the papers do not actually contain what is now known as Yao’s garbled circuit protocol. The set of honest parties that can execute a computational task is related to the concept of access structure. An adversary structure can be defined as a threshold structure or as a more complex structure.

But in 2021, multi-party computation is only one part of the equation for digital asset security. Multi-party computation does away with this problem, as the private key is now no longer held by any one party at any point in time. Instead, it is decentralized and held across multiple parties (i.e. devices), each blind to the other. Whenever the key is required, MPC is set in motion to confirm that all parties, or a predetermined number of parties out of the full set, approve of the request.

Multi-party computation has evolved over the years and remains a crucial breakthrough in the world of cryptography today. From sealed-bid auctions to crypto wallets, MPC protocols are being leveraged in various applications. There have historically been a few solutions for safely keeping private keys, those being either hot storage, cold storage, or hardware based storage. A good and high-level metaphor for MPC-based encryption key generation is of a treasure map. Think of your encryption key as a map that is torn into multiple parts and shared to multiple parties.

Even though there are questions raised about its decentralization, MPC wallets maintain a fair balance between security and personal user experience. Invented by computer scientist Andrew Yao almost 40 years ago, multi-party computation (MPC) technology has been in development for the last few decades and has only entered the digital asset space a few years ago. It has come a long way from intellectual curiosity to one of the primary technologies used by wallet providers and custodians to secure crypto assets. Rather than safeguarding a private key in a single location, MPC splits the process of generating and using the private keys into multiple “shards” across multiple parties(instances).

Let’s imagine three employees of a company want to know who has the highest salary without disclosing their actual salary. The goal of MPC is to create a protocol where, by exchanging messages only with each other, the three employees can still learn who has the highest salary without revealing who makes what and without relying on an external third party. While HSMs provide a secure foundation, they become vulnerable in the case of a bad actor gaining control over the device. As the necessity for information security increases along with digitalization, MPC is increasingly used to protect sensitive data by acting as a digital non-disclosure agreement restricting who can access what data.

The technology enables users to manage their assets across various platforms without the need for multiple wallets or cumbersome conversions. This flexibility further contributes to the overall usability and adoption of Web3 technologies. MPC wallet technology significantly enhances security by removing the single point of failure experienced with a lost seed phrase.

Today, we’re using MPC-CMP – the fastest and most secure MPC algorithm currently available – adding a new degree of flexibility to the equation (including the ability to sign an MPC from a hardware storage device). MPC-CMP also solves the challenges faced by businesses looking to use cold storage in tandem with multi-party computation by allowing hot and cold key signing mechanisms – with at least one key share stored offline in an air-gapped device. Historically, there have been a few primary options for securely storing private keys.