What is multi-party computation?
Multi-party computation (MPC), or secure MPC (SMPC), is an important cryptographic security measure which enables multiple parties to jointly compute a function over their inputs without revealing the private information or secret data held by each party. As a result of technological advancements and the proliferation of the Internet, data security and privacy protection have proven challenging, especially when data is spread across large distributed networks. MPC is a critical technique that provides a trustworthy solution to the problems of data security and privacy, especially in the context of blockchain applications.
To better understand multi-party computation, let’s explore a simple example.
Imagine three blockchain developers working at a web3 startup who would like to know their average salary without any of them disclosing their individual salary to each other or to a trusted third party during the computation process.
In practice, these employees would rely upon an MPC-based protocol to calculate the average salary without revealing any sensitive or private information. In this case, the MPC protocol would leverage a well-established cryptographic concept called additive secret sharing, in which a secret is split into pieces that are distributed among a group of independent parties. As a result, even an unaffiliated party can learn the average salary figure without ever interacting with the employees' individual inputs.
The MPC protocol guarantees two important properties: privacy and accuracy.
Privacy means that no party's private input can be worked out once the protocol has been executed. Accuracy means that even if a few parties within the broader group collude, share information, or deviate from the protocol's instructions during the execution phase, MPC will not permit them to force the honest parties to output an incorrect result or to leak an honest party's secret information.
MPC research started in the early 1970s, with the first practical applications being developed in the 1980s, making it a fairly recent breakthrough within the world of cryptography. Up until this point, cryptography had primarily focused on concealing information. The new type of computation used in MPC, however, is oriented towards concealing partial information while computing with data from multiple sources.
Nowadays, MPC is used for a range of practical applications such as digital auctions and securing digital assets in MPC wallets. In fact, MPC has become the de facto standard for institutions and developers looking to secure their digital assets while retaining fast and easy access to them. Nevertheless, the ability to safely hold and transfer digital assets is guaranteed only as long as the private key is safe.
Popular private key storage methods used across Ethereum and Solana wallets include cold storage, hot storage, and hardware wallets.
- Cold storage - the private key is stored in an offline environment
- Hot storage - the private key is stored in an online storage environment
- Hardware wallet - the private key is stored on a physical apparatus or device
However, each of these methods carries its own risk: cold storage remains vulnerable to loss through human error, hot storage is vulnerable to theft, and hardware wallets are difficult to manage at scale.
Ultimately, MPC wallet technology has risen to prominence due to the operational and security challenges associated with each solution mentioned above. MPC is a good solution for both digital asset storage and digital asset transfers.
What is an MPC wallet?
An MPC wallet is a cryptocurrency and digital asset wallet which uses multi-party computation to offer strong security guarantees to individuals, firms, financial institutions, and governments that manage digital assets.
MPC wallets are not the first generation of institutional-grade wallets that let multiple parties share control of funds. Multi-signature (multisig) wallets are another widely used implementation. Before we delve deeper into the pros and cons of adopting an MPC-based wallet, let's first explore what distinguishes MPC wallets from multisig wallets.
What is the difference between MPC wallets and Multisig wallets?
A multisig wallet uses a signature scheme that requires signatures from more than one private key to authorize an outgoing transaction, while an MPC wallet splits a single private key into shares held by multiple parties.
Typically, non-custodial crypto wallets, which give the user control over the private keys, have one private key that provides access to the funds stored in the wallet. This means that only this one private key needs to sign and verify an outgoing transaction; no further authorization is required. Multisig wallets have multiple parties, each with their own private key, and a majority of the parties must sign a transaction to complete it.
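To make both ideas concrete, here is an added example (not code from the article or from any wallet vendor) of additive secret sharing: first the salary-averaging protocol from the opening section, then the same share function applied to a wallet signing key, where each party contributes a partial public key and the full private scalar is never reassembled. The field modulus and the tiny Schnorr-style group (generator 4 of order 11 modulo 23) are constructed toy parameters chosen for readability, not production values.

```python
import secrets

# Constructed parameters for this example (not from the article).
SALARY_MOD = 2**127 - 1            # prime field in which salary shares live
TOY_P, TOY_G, TOY_Q = 23, 4, 11    # toy group: g = 4 has prime order 11 modulo 23


def share(secret, n, mod):
    """Additive secret sharing: n-1 uniformly random shares, the last one fixes the sum.
    Any n-1 shares are independent of the secret, so no subset short of all n learns it."""
    shares = [secrets.randbelow(mod) for _ in range(n - 1)]
    shares.append((secret - sum(shares)) % mod)
    return shares


def reconstruct(shares, mod):
    """Only the sum of all shares reveals the secret."""
    return sum(shares) % mod


def average_salary(salaries):
    """Each party deals one share of its salary to every party; party j adds up the
    shares it received and publishes only that partial sum, so only the total is learned.
    Assumes the true total is smaller than SALARY_MOD so integer division is exact."""
    n = len(salaries)
    dealt = [share(s, n, SALARY_MOD) for s in salaries]          # row i: party i's shares
    partial = [reconstruct([dealt[i][j] for i in range(n)], SALARY_MOD) for j in range(n)]
    total = reconstruct(partial, SALARY_MOD)                     # equals sum(salaries)
    return total // n


def mpc_public_key(private_scalar, n):
    """Split a signing key d into shares d_i; each party publishes g^d_i and the product
    of those values is g^d, the public key, while the whole d never exists in one place."""
    key_shares = share(private_scalar, n, TOY_Q)                 # shares modulo the group order
    partial_pks = [pow(TOY_G, d_i, TOY_P) for d_i in key_shares]
    pk = 1
    for y in partial_pks:
        pk = pk * y % TOY_P
    return pk, key_shares


if __name__ == "__main__":
    print(average_salary([120_000, 150_000, 180_000]))           # 150000, no salary revealed
    pk, key_shares = mpc_public_key(7, 3)
    print(pk == pow(TOY_G, 7, TOY_P), key_shares)                # True, three key shares
```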
Multisig technology is closely associated with the advent of Bitcoin. Multisig technology was first introduced to the Bitcoin network circa 2012 and since then, has led to the widespread availability of multisig wallets. Like MPC-based wallets, multisig wallets are also intended to enhance security.
Downsides of Multisig Wallets
In today’s fast-moving digital asset ecosystem, multisig wallets are losing adoption for multiple reasons including but not limited to a lack of protocol agnosticism and operational inflexibility.
1. No Protocol Agnosticism
It is difficult for multisig wallet providers to securely support new chains because the few cryptocurrency protocols that support multisig each implement it differently.
2. Operational Inflexibility
As an organization that manages digital assets expands, adjusting the process of accessing and transferring digital assets using a multisig protocol can be cumbersome.
As a result of these shortcomings, and of the comparatively more efficient designs that MPC wallets offer in the context of today's challenges, numerous wallet providers have already begun transitioning to MPC technology.
What are the benefits of MPC wallets?
There are several benefits of using MPC technology for wallets: no need to trust third parties, increased data privacy, higher accuracy, removal of single points of failure, greater resistance to hacking, and less reliance on cold storage.
- No trusted third party - data can be shared in a distributed manner without any third parties
- Data privacy - data is encrypted-at-rest and in-transit so no private information is revealed or compromised
- High accuracy - MPC provides highly accurate results for different computations using cryptography
- Removes single points of failure (SPOF) - private keys are not stored in one single place
- Hackers need to work much harder - a hacker would need to attack multiple parties across systems and locations
- Less reliance on cold storage - users can hold their assets online and no longer need cold-storage devices
What are the downsides of MPC wallets?
There are a few limitations that developers and the broader community should be aware of when using MPC wallets including computational overhead and high communication costs.
1. Computational Overhead
To provide the required security, MPC must generate random values during private key creation, and this random number generation adds computational overhead, which slows down the runtime.
2. High Communication Costs
Data distribution to multiple parties for computational purposes over networks can lead to an uptick in communication costs in comparison to simple plaintext computation.
MPC Wallet Use Cases
Owing to the numerous benefits of using MPC wallets, the technology has become the go-to standard for institutional-grade custodial solutions. Major financial institutions, such as Revolut, have already announced their transition to MPC, which effectively eliminates the existence of whole or complete cryptographic keys and so protects against both internal and external adversaries.
Moreover, recent consumer-oriented product innovations mean that MPC wallet users can access the broader web3 ecosystem. For instance, buying and selling non-fungible tokens (NFTs) via popular NFT marketplaces has become more convenient and secure.
Which web3 wallets use MPC?
Given the advantages of using MPC technology, numerous organizations offer web3 wallets that depend on MPC technology including ZenGo, Fireblocks, and Coinbase.
Launched in 2019 as the first consumer-facing MPC wallet, ZenGo now boasts 700,000+ global customers, multichain support, and 24/7 live in-app customer service. In early 2022, ZenGo announced support for web3-native applications by bringing MPC security to everyday users, leveraging advanced web3 firewall technology to increase safe transaction approvals.
Until recently, web3 was only accessible via traditional non-custodial wallets, which were complicated, confusing, difficult to recover, and challenging to secure because of the vulnerability of their private keys. By integrating with the open-source WalletConnect protocol, and therefore with the Ethereum network, ZenGo's wallet has opened the door to multiple decentralized applications in web3.
Fireblocks is an institutional digital asset custodian that offers an MPC wallet with support for over 30 blockchain protocols and 1,100 tokens. With the combination of MPC technology with hardware isolation, Fireblocks’ institutional MPC wallet maximizes security and service level agreements (SLAs) while minimizing transaction costs.
Coinbase, the public crypto exchange, offers an MPC wallet that enables a large and growing number of users to access the web3 ecosystem in a safe, reliable, and secure manner. The MPC system developed in-house at Coinbase supports both ECDSA and EdDSA signature schemes. This means that the wallet can handle cryptographic signing for almost any blockchain, and users don't have to pay extra gas for transactions since the signing adds zero on-chain overhead.
Users can access other product categories outside of the usual buying, selling, and holding of cryptocurrencies through the dApp wallet. The revamped wallet is also gearing up to support all blockchains compatible with the Ethereum Virtual Machine (EVM), as well as select others, such as Solana.
Which MPC wallet is best?
There is no single best MPC wallet for every user. If you are an individual or small team looking to use an MPC wallet for its added security and usability, ZenGo is a great option. If you are an institutional investor, you have many more options, such as Fireblocks.
To choose the best MPC wallet, review these areas:
- dApp connectivity
- User experience
- Wallet security
- Native features
- User interface design
- Customer support
An MPC wallet is the foundational piece of infrastructure for institutional custodians, investors, and traders, and choosing the right wallet will be based on your needs.