Securing Your Cryptocurrency Investments: Why MPC Wallets Matter

Crypto wallet security is a major concern because so many hacks come down to stolen private keys. The usual answers are cold storage and multi-signature wallets, but on their own they have proved insufficient: the roughly $100M Harmony Horizon bridge hack succeeded once the attackers held enough of the bridge's multisig keys to meet its signing threshold. Multi-party computation (MPC) wallets offer a different balance between security and operational efficiency. This article explains why MPC wallets matter and compares them with traditional custody approaches, multi-sig wallets in particular.

What Are Multi-Party Computation (MPC) Wallets? 

An MPC wallet is a crypto wallet in which the private key exists only as secret shares held by several parties, and both key generation and transaction signing are carried out as a distributed protocol among those parties. The name comes from multi-party computation, the branch of cryptography that lets several parties jointly compute a function without revealing their inputs to one another.

How Does An MPC Wallet Work? 

Traditional crypto wallets, like MetaMask, hold a single private key, backed up by a seed phrase for recovery. That single key is a single point of failure: whoever steals it controls the funds, and whoever loses it (and the seed phrase) loses access to them. Multi-party computation (MPC) wallets address this by splitting the private key into n secret shares (also called shards or key shares), one per party, so that no device or person ever holds the whole key.

A threshold of those parties can still produce a valid digital signature, jointly and without reassembling the key, so an attacker who steals a single share cannot transfer funds. MPC wallets are relatively new in the cryptocurrency industry, but the underlying technique has been studied since the 1980s. MPC lets several parties compute a function over their combined data while each party's own data stays private. The canonical early example is Andrew Yao's Millionaires' Problem (1982), in which two millionaires want to learn who is richer without revealing their wealth; the same idea extends to a group of co-workers who want to know who earns the most without anyone disclosing a salary.

The salary version can be written as y = f(S1, S2, S3), where each S is one worker's wage, supplied as a private input to the protocol, and y is the identity of the highest earner. Running this as an MPC protocol guarantees two things:

Privacy: no participant's input is disclosed to the others, and nobody learns anything from y beyond what the output itself implies (here, who earns the most, but not how much anyone earns).

Correctness: if the parties follow the protocol, the output is the true value of f, and honest participants never accept a wrong result. (Protocols differ in whether they also tolerate parties that actively deviate from the protocol.)

Advantages Of Using MPC Wallets

Reduces Risks Of Private Key Theft

Traditional cryptocurrency wallets are risky because everything rests on a single private key, which attackers go after with phishing, malware, and spoofed interfaces; this is behind many high-profile wallet hacks. MPC wallets distribute the key shares across several devices or locations, and signatures are produced by a distributed protocol in which each holder contributes a partial result computed from its own share.

The full private key is never reconstructed at any point, not even at signing time, so an attacker has to compromise a threshold of the share holders, in their separate locations, rather than a single device. That makes MPC wallets considerably harder to breach.

Improved Efficiency

Single-key wallets can be made safe by keeping the key in cold storage, on a device that is never connected to the internet, so the key cannot be stolen remotely.

This, however, makes day-to-day asset management slow, especially for exchanges and institutional custodians that need quick access to funds. MPC wallets improve on this by keeping the key shares online, each on a separate host, which is acceptable because stealing a single share gives an attacker nothing: compromising the wallet requires compromising a threshold of hosts at the same time.

This makes MPC wallets suitable both for everyday cryptocurrency users and for large industry players, without trading security away for speed.

MPC Vs Multisig Wallets: What’s The Difference?

Multisignature wallets, like MPC wallets, require multiple parties to approve a transaction before it executes, using an m-of-n signing scheme. This reduces centralization risk and protects against a rogue signer or a single compromised key, since a threshold of m participants must sign for a transaction to be valid.

Although multi-sigs and MPC wallets are comparable, there are some key distinctions between the two:

Protocol Agnosticism

Multisig is implemented on-chain, as a script or a smart contract, so each blockchain has its own flavour of it and some have none; a multisig setup does not carry over between chains. MPC wallets are protocol-neutral: their output is an ordinary single signature, so they work with any blockchain that uses a common signature scheme such as ECDSA or EdDSA, provided a threshold protocol exists for that scheme (threshold Schnorr/EdDSA is comparatively simple, threshold ECDSA considerably more involved).

Privacy

Multisigs promote accountability by disclosing the signatories of a transaction, but for large businesses that disclosure is also a privacy problem. Consider a big cryptocurrency custodian that keeps deposited assets in a multi-signature wallet:

Multisig transactions expose the signing policy and the signers' public keys on-chain, which makes it easier for bad actors to identify and target the signers, and the visible workflow tells an attacker exactly how many keys are needed. The Ronin bridge attack is the standard example: the attackers discovered that four of the validator keys were controlled by the same organization, and compromising that organization took them most of the way to the signing threshold. MPC wallets also use an m-of-n arrangement, but the m participants contribute partial signatures computed from their key shares, and the result is a single signature that is indistinguishable on-chain from one made by an ordinary single-key wallet. Neither the policy nor the number or identity of the signers is revealed, which improves user privacy.

Transaction Costs

Multisigs need m separate signatures in every transaction, which increases the number of bytes encoded per transaction and therefore its processing cost. MPC wallets produce a single signature, so their transactions cost the same as any ordinary single-key transaction. The computationally demanding part, the distributed signing among the share holders, happens off-chain, and the chain only has to verify one signature.

Administrative Overhead

Multisigs can cause a lot of issues from an administrative standpoint. For instance, changing the approval threshold of a script-based multi-sig wallet (Bitcoin style), say from 4-of-5 to 3-of-4, requires:

  • Setting up a new wallet. Once a script multisig is configured with its keys and threshold, the policy is fixed for that address. (Smart-contract multisigs on some chains do allow owners and thresholds to be changed, but each change is itself an on-chain transaction subject to the existing policy.)
  • Transferring the funds from the old multisig to the new one.
  • Notifying third parties of the new wallet address(es), since money sent to the previous wallet may be hard to recover.

MPC wallets allow a more flexible approval policy. If a participant's key share has to be revoked, for example because the person leaves the firm, the remaining parties run another round of distributed computation and derive fresh key shares for the new set of holders; the old shares become useless, and neither the wallet address nor the funds have to move.
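The following Python block is an added example, not code from this article or from any wallet vendor. It is a toy t-of-n threshold Schnorr scheme that shows, in working code, the three properties discussed above: the private key exists only as shares and is never assembled, not even at signing time; the resulting signature is an ordinary single-key Schnorr signature that the verifier cannot distinguish from a non-MPC one (the privacy and transaction-cost points); and shares can be refreshed to revoke a party while the public key, and hence the address, stays the same (the administrative-overhead point). Everything about it is an assumption for illustration: it uses a Schnorr group over the integers modulo a 64-bit safe prime found at import time rather than secp256k1 or ed25519, the dealer-free key generation is a Pedersen-style DKG with the commitments and complaint round left out, and the party identifiers and the sample transaction string are made up.

```python
import hashlib
import secrets

def _is_prime(n):
    """Deterministic Miller-Rabin with bases 2..37 (exact for n < 3.3e24); demo parameter search only."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n in bases:
        return True
    if n < 2 or any(n % b == 0 for b in bases):
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def _safe_prime(bits):
    """Find p = 2q + 1 with p and q prime; 4 = 2^2 then generates the order-q subgroup of Z_p*."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if _is_prime(q) and _is_prime(2 * q + 1):
            return 2 * q + 1, q

P, Q = _safe_prime(64)  # toy Schnorr group (assumption); real wallets use 256-bit curve groups
G = 4

def _poly_eval(coeffs, x):
    return sum(c * pow(x, i, Q) for i, c in enumerate(coeffs)) % Q

def _lagrange0(ids):
    """lam such that sum(lam[i] * f(i)) == f(0) for any polynomial f of degree < len(ids)."""
    lam = {}
    for i in ids:
        num = den = 1
        for j in ids:
            if j != i:
                num, den = num * (-j) % Q, den * (i - j) % Q
        lam[i] = num * pow(den, -1, Q) % Q
    return lam

def dkg(ids, t):
    """Dealer-free t-of-n sharing of a secret x that nobody ever holds: party i picks a random
    degree-(t-1) polynomial f_i and sends f_i(j) to party j, whose share is the sum it receives,
    a Shamir share of x = sum_i f_i(0). Returns (shares, g^x). Real DKGs add commitments."""
    polys = {i: [secrets.randbelow(Q) for _ in range(t)] for i in ids}
    shares = {j: sum(_poly_eval(polys[i], j) for i in ids) % Q for j in ids}
    pub = 1
    for i in ids:
        pub = pub * pow(G, polys[i][0], P) % P
    return shares, pub

def _challenge(R, msg):
    h = hashlib.sha256(f"{P}|{G}|{R}|{msg}".encode()).digest()
    return int.from_bytes(h, "big") % Q

def threshold_sign(msg, key_shares, signers):
    """Any threshold-sized subset produces ONE ordinary Schnorr signature (R, s). The nonce k
    is shared by a fresh DKG, so neither k nor x is ever assembled; signer i only reveals
    its partial value lam_i * (k_i + e * x_i), and the sum of those is k + e * x."""
    nonce_shares, R = dkg(signers, len(signers))
    e, lam = _challenge(R, msg), _lagrange0(signers)
    s = sum(lam[i] * (nonce_shares[i] + e * key_shares[i]) for i in signers) % Q
    return R, s

def verify(msg, pub, sig):
    """Plain single-key Schnorr check g^s == R * y^e: the chain cannot tell a threshold
    signature from one produced with a single private key."""
    R, s = sig
    return pow(G, s, P) == R * pow(pub, _challenge(R, msg), P) % P

def reshare(key_shares, holders, t_new, new_ids):
    """Hand the SAME x to a new holder set / threshold without reconstructing it: holder i
    shares lam_i * x_i with a fresh polynomial. g^x (the address) is unchanged, and old
    shares no longer combine with new ones, so a departed party's share is worthless."""
    lam, new = _lagrange0(holders), dict.fromkeys(new_ids, 0)
    for i in holders:
        poly = [lam[i] * key_shares[i] % Q] + [secrets.randbelow(Q) for _ in range(t_new - 1)]
        for j in new_ids:
            new[j] = (new[j] + _poly_eval(poly, j)) % Q
    return new

def demo():
    """2-of-3 wallet: sign, revoke party 2 by resharing to {1, 3, 4}, sign again with 3 and 4."""
    msg = "pay 1 coin to address-A"  # constructed sample transaction
    shares, pub = dkg([1, 2, 3], 2)
    ok_before = verify(msg, pub, threshold_sign(msg, shares, [1, 3]))
    new_shares = reshare(shares, [1, 3], 2, [1, 3, 4])
    ok_after = verify(msg, pub, threshold_sign(msg, new_shares, [3, 4]))
    alone = verify(msg, pub, threshold_sign(msg, shares, [1]))  # one share, below threshold
    return ok_before, ok_after, alone
```

Running demo() returns (True, True, False): the old 2-of-3 group signs, the refreshed group signs for the same public key, and a single share cannot. The point worth noticing is in verify: it is the textbook single-signer check, with no knowledge of how many parties were involved, which is exactly why a threshold signature costs and reveals no more on-chain than an ordinary one. A production threshold scheme additionally has to bind each party to its polynomial with commitments, handle aborts and identify cheaters, and for ECDSA replace the linear combination above with a far more elaborate multiplicative protocol.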

MPC Wallets: A Novel Approach to Safeguarding Your Cryptocurrency

MPC wallets offer a new way to safeguard crypto assets and reduce custody risk, and major industry players such as Fireblocks and the ZenGo wallet have adopted the technology. They do have drawbacks: signing requires the threshold of share holders to be online at the same time and to exchange several rounds of messages, and the protection is only as strong as the threshold, so an attacker who compromises enough share holders at once can produce valid signatures just as with any other wallet.
