Everything You Need to Know About MPC Wallets
Cryptocurrency wallets are a necessity for any individual or business wishing to buy, sell or trade on the blockchain. While adoption of cryptocurrencies grows worldwide and the industry becomes more mainstream, security remains a top priority for cryptocurrency wallets.
As blockchain technology has evolved over the last few years, Multi-party Computation (MPC) has quickly stepped out in front as the preferred transaction signing system for a wide variety of businesses. Hundreds of hedge funds, financial institutions, crypto exchanges, custodians, investors, and DeFi startups are now using MPC to secure their own digital assets and those belonging to their customers.
But what is Multi-party Computation, and why has it become the standard for ensuring the security of crypto assets and data privacy?
What Is Multi-party Computation (MPC)?
As a general concept, MPC allows multiple independent parties, each with their own private data, to perform joint computations without needing to share that private data.
We can illustrate this with an example. Let’s say you have three software engineers, Sue, Pam, and Bob.
They would all like to understand how their salaries compare to one another, but without sharing their own salary information. MPC allows them to solve the problem.
This classic example of how MPC works is known as “The Millionaire’s Problem”.
By using their own salaries and applying MPC, they can find out which salary is the highest without sharing any actual figures with each other or anyone else.
How Does MPC Work?
Sue takes her salary of $120,000 and adds a random and relatively large number to it, say $875,500. This gives a total of $995,500.
Sue shares this newly computed number with Pam. This number is meaningless to Pam, as she doesn’t know what positive or negative random value Sue used to arrive at it.
Pam then adds her salary of $105,000 to the $995,500 to compute a total of $1,100,500.
Pam shares that total with Bob, who, again, has no idea what values Sue or Pam used to arrive at this figure.
Bob then adds his salary of $96,300 to this amount and shares the final total of $1,196,800 with Sue.
Sue can then subtract her secret and randomly generated number of $875,500.
This gives a net value of $321,300.
This can be divided into three to calculate the average of the three salaries, which is $107,100.
None of the three “parties” in this scenario learns anything about the others’ individual salaries. The only thing they learn is the average, which each of them can compare against their own salary.
Not only did they not have to share their private data with each other, they also didn’t have to share it with anyone else.
Using distributed multi-party computation with no third parties or intermediaries involved means that total security and privacy are guaranteed.
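The salary walk-through above as runnable Python, an added example rather than code from the original article. The function names and the 2**64 modulus are assumptions of this example; it also shows the condition the walk-through depends on, namely that the parties do not pool the messages they saw.

```python
import secrets

# Assumption of this example: arithmetic is done modulo 2**64 with a uniformly
# random mask, so one masked message on its own reveals nothing about a salary.
MODULUS = 2**64

def ring_average(salaries, mask=None):
    """Run the ring protocol. Returns (average, messages passed along the ring)."""
    if mask is None:
        mask = secrets.randbelow(MODULUS)   # known only to the first party
    running = mask
    messages = []
    for salary in salaries:                 # each party adds its own salary...
        running = (running + salary) % MODULUS
        messages.append(running)            # ...and forwards only the running total
    total = (messages[-1] - mask) % MODULUS # the first party removes its mask
    return total / len(salaries), messages

def collusion_leak(sent_to_victim, received_from_victim):
    """What two parties learn if they compare the messages on either side of a third."""
    return (received_from_victim - sent_to_victim) % MODULUS

if __name__ == "__main__":
    # Figures from the walk-through: Sue, Pam, Bob, with Sue's mask of 875,500.
    average, msgs = ring_average([120_000, 105_000, 96_300], mask=875_500)
    print("messages on the wire:", msgs)
    print("average:", average)
    # Sue knows what she sent Pam; Bob knows what Pam sent him.
    print("Sue and Bob together recover Pam's salary:",
          collusion_leak(msgs[0], msgs[1]))
```

The privacy of this ring protocol holds only while the parties follow the steps and keep their received messages to themselves; production MPC protocols are designed to tolerate a stated number of colluding parties.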
This same concept of secret sharing and distributed computation can be implemented in blockchain technology to protect secrets such as a private key to a crypto wallet.
Before we look at how MPC wallets work, we need to understand what a crypto wallet is and why the private key is so important.
What Is a Crypto Wallet?
A crypto wallet is a software program or hardware device that enables users to store, send and receive cryptocurrency and digital assets.
Crypto wallets use Public-key cryptography (PKC) to encrypt and decrypt transactions. PKC relies on one-way mathematical functions, which are easy to compute in one direction but almost impossible to reverse.
In general, PKC enables secure and private communication on a public channel. On the blockchain, PKC is used to prove that a spent transaction was signed by the rightful owner of the funds.
It’s a common misconception that a crypto wallet actually stores cryptocurrency. There are no coins or tokens kept in a crypto wallet. In fact, cryptocurrency or digital assets such as NFTs never actually leave the blockchain they are created on.
What a crypto wallet does store is a key pair, namely a public key and a private key.
What Is a Public Key?
The public key is a bit like a bank account number. It is an address that can be publicly shared, allowing transactions to be made to it.
The public key is derived from and paired with a private key. While anyone can pay using the public key, to “unlock” the funds sent to it you need the corresponding private key.
A crypto wallet can generate multiple public keys, meaning you can receive funds into multiple different public addresses, but to access all of them, you need the same private key.
What Is a Private Key?
As you may have understood, the private key is the more important of the two. While there is no danger in sharing your public key, the private key should always remain just that: private.
A private key can take many forms such as a string of 64 hexadecimal characters or a mnemonic phrase (a set of 12, 18, or 24 words).
The private key is like the key to a bank vault. Whoever holds the private key to the vault holds the funds within it.
By using your private key, you can sign to complete transactions or access funds. The private key is your “digital signature” and is what proves ownership on the blockchain.
This has given rise to the popular phrase, “Not your keys, not your coins”. Lose the private key and you lose access to and ownership of the digital assets associated with your wallet.
That’s why it is so important to keep the private key secure. MPC is a way to do that.
What Is an MPC Wallet?
An MPC wallet is a digital asset wallet which utilizes multi-party computation for key management and performing digital signatures on the blockchain.
MPC is what is known as a “keyless” system as it removes the entire concept of a single, complete private key.
Instead, the digital signature (private key) is created from individual key fragments.
Multiple and distributed non-trusting parties each have a key fragment. To approve a transaction or to access funds, the multiple parties must each use their share of the private key.
A single signature is then generated from the fragments. No individual key-share holder ever has access to all key-fragments and there is no need for any data to be shared over the network. This means no risk of bad acting from an internal source or external hacking.
MPC is the Gold Standard in Private Key Security
With multi-party computation wallets there is no single point of failure as with single-sig. It is much more difficult for a potential hacker to find and overcome multiple decentralized parties than it would be to attack a single system.
Another aspect of MPC that enhances wallet security above and beyond multi-sig is the fact that each key fragment is used off-chain and only the complete signature appears on-chain. This means that it is impossible to tell from the chain whether the transaction was signed by one person or by several.
MPC wallets also support the Threshold Signature Scheme (TSS) which further minimizes the risk of key theft or insider misuse.
TSS is a type of Digital Signature Scheme in which the key generation and sign algorithms are distributed across multiple parties and a threshold of signatories must be met in order for a transaction to be authorized.
For example, if you have a group of seven active signers, all with a key share, TSS allows you to set a rule that any five of the seven signers can sign the transaction on behalf of the whole group.
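The five-of-seven rule above, as an added Python example that is not Vaultody's code or any wallet's protocol. It assumes Shamir secret sharing (which the article does not name) with a single dealer for brevity, and uses a toy linear operation, key × message mod Q, as a stand-in for signing; all function names and values are constructed for the illustration.

```python
import secrets

Q = 2**127 - 1  # prime modulus for the share arithmetic (constructed for this example)

def split(secret, threshold, parties):
    """Shamir sharing: evaluate a random polynomial of degree threshold-1 at x = 1..parties.
    Assumption: one dealer does this; the article describes distributed key generation."""
    coeffs = [secret] + [secrets.randbelow(Q) for _ in range(threshold - 1)]
    return {x: sum(c * pow(x, k, Q) for k, c in enumerate(coeffs)) % Q
            for x in range(1, parties + 1)}

def lagrange_at_zero(i, signer_ids):
    """Weight that lets signer i's share count toward the polynomial's value at x = 0."""
    num = den = 1
    for j in signer_ids:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def partial(share, i, signer_ids, message):
    """Computed locally by signer i from its own share; the share is never sent."""
    return lagrange_at_zero(i, signer_ids) * share * message % Q

def threshold_eval(shares, signer_ids, message):
    """Combine the partial results. The key itself is never assembled.
    Toy operation only: publishing key*message would reveal the key, so this
    shows the threshold rule, not a usable signature scheme."""
    return sum(partial(shares[i], i, signer_ids, message) for i in signer_ids) % Q

if __name__ == "__main__":
    key, message = secrets.randbelow(Q), 42          # constructed sample values
    shares = split(key, threshold=5, parties=7)
    expected = key * message % Q
    print("any 5 of 7:", threshold_eval(shares, [2, 3, 5, 6, 7], message) == expected)
    print("only 4 of 7:", threshold_eval(shares, [1, 2, 3, 4], message) == expected)
```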
Secure MPC Wallet with Vaultody
Vaultody provides a secure MPC wallet and custody technology solution for seamless and flexible crypto asset management. The platform combines industry-leading protection technologies with an intuitive user dashboard for operating with digital assets, sending and receiving transactions, generating hot and warm wallets and more.
If you’d like to learn more about Vaultody and what it offers, contact our team.