What Is an MPC Wallet: Is Multi-Party Computation More Secure?
MPC, or Multi-Party Computation, was first introduced in the ‘80s and has been studied for decades. It has recently gained traction in the crypto space because it lets a wallet sign transactions without any single device ever holding a complete private key.
MPC is a secure alternative to hot wallets like MetaMask, where a single private key stored on your device controls all your digital assets.
I began experimenting with MPC to find out how well it secures digital assets.
How Does the MPC Wallet Work?
Private Key Sharing
MPC wallets are built on threshold cryptography. Instead of storing one private key, the wallet holds key shares that are split among multiple parties (for example, a server and your phone). Signing is a joint computation in which each party contributes its share without ever sending it to the others.
A private key on chains like Bitcoin or Ethereum is a 256-bit number, usually written as a 64-character hexadecimal string (digits 0-9 and the letters a-f). Hexadecimal is only a way of writing the key, not a form of encryption; what makes theft hard is that the full value is never assembled in one place.
With distributed key generation, the complete private key is never generated or stored on any device throughout the wallet's lifecycle: each party generates only its own share, and the wallet's public key is derived from the shares' public parts.
Each party authorizes a transaction by contributing a partial signature computed from its key share; the shares themselves are never transmitted, even in encrypted form.
Approval From Multiple Parties
To simplify, MPC splits control of a single private key between multiple parties.
Hence, signing a transaction through an MPC wallet requires a threshold of those parties to participate (in a two-party wallet, both of them), so compromising any one device is not enough to move funds and there is no single point of compromise.
While this is an advantage in terms of security, you might wonder how parties are changed when the need arises. MPC places no restrictions on who the parties are. Adding or removing parties is fairly easy: the existing parties authorize a re-sharing that issues new shares to the new set of parties, and the wallet's public address stays the same.
In commercial products like ZenGo, the two parties are your phone and a ZenGo server. Because neither side holds the full key, the ZenGo server can’t transfer money out of your wallet on its own; its share only adds a second approval to your transactions and supports recovery of your crypto assets should you need it. You can learn more about how ZenGo works by checking out our full review.
Off-Chain Application
Unlike multisig, where the signing policy is enforced by a script or smart contract on the blockchain, MPC wallets run completely off-chain and produce a signature that looks like an ordinary single-key signature. Hence there is no on-chain trail of changes made to the wallet, which is particularly helpful when a user modifies the number of parties on an MPC wallet.
Leaving a public trail about adding or removing parties gives an edge to attackers who track changes to a target's security policy; with MPC, an observer cannot even tell that an address is controlled by several parties. The flip side is that the policy is enforced by the wallet software rather than by the chain, so you are trusting that implementation to be correct.
Refreshing Key Share
Refreshing the key shares (often called proactive secret sharing) protects against an attacker who compromises the parties' devices one at a time: shares stolen before a refresh are useless afterwards, because an attacker needs a full set of shares from the same refresh period. The refresh re-randomizes every share without changing the underlying private key, so the public key and the wallet address stay the same.
This task can be made even easier by enabling an automated key share refresh mechanism, which refreshes the shares on a schedule without any human intervention.
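The two mechanisms described above, key shares that are never assembled into one key and a share refresh that leaves the public key untouched, are easiest to see in code. The following is an added example written for this article, not code from any wallet vendor: a toy 2-of-2 threshold Schnorr signature over secp256k1 with additive key shares. Schnorr is used instead of ECDSA because its threshold form needs no extra machinery, but the share and refresh mechanics are the same ones an MPC wallet relies on. The `Party` class, the `refresh_shares` routine and the sample message are all constructed for illustration; the code omits commitments, authenticated channels and constant-time arithmetic, so it must not be used to hold funds.

```python
# Added example (not the page's or any vendor's code): toy 2-of-2 threshold
# Schnorr over secp256k1 with additive key shares and a proactive share refresh.
import hashlib
import secrets

# secp256k1 domain parameters (public constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(a, b):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                  # a == -b
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P   # tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P    # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, point=G):
    """Double-and-add scalar multiplication (k * point)."""
    result, addend = None, point
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def challenge(R, pubkey, msg):
    """Fiat-Shamir challenge e = H(R || pubkey || msg) mod N."""
    data = R[0].to_bytes(32, "big") + pubkey[0].to_bytes(32, "big") + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


class Party:
    """One signer (e.g. the phone or the server). It generates and keeps only
    its own share x_i; the full key x = x_1 + x_2 mod N is never assembled."""

    def __init__(self):
        self.share = secrets.randbelow(N - 1) + 1
        self.pub_share = ec_mul(self.share)          # x_i * G, safe to publish
        self._nonce = None

    def nonce_commit(self):
        """Round 1: pick a fresh nonce k_i and publish R_i = k_i * G."""
        self._nonce = secrets.randbelow(N - 1) + 1
        return ec_mul(self._nonce)

    def partial_sign(self, R, pubkey, msg):
        """Round 2: s_i = k_i + e * x_i. The share never leaves this object."""
        e = challenge(R, pubkey, msg)
        s_i = (self._nonce + e * self.share) % N
        self._nonce = None                           # nonces are single-use
        return s_i


def joint_pubkey(parties):
    """Wallet public key: the sum of the published share points."""
    pk = None
    for p in parties:
        pk = ec_add(pk, p.pub_share)
    return pk


def threshold_sign(parties, msg):
    """Run both rounds with every party and aggregate one Schnorr signature."""
    pubkey = joint_pubkey(parties)
    R = None
    for R_i in [p.nonce_commit() for p in parties]:
        R = ec_add(R, R_i)
    s = sum(p.partial_sign(R, pubkey, msg) for p in parties) % N
    return R, s


def verify(pubkey, msg, sig):
    """Standard Schnorr check s*G == R + e*P; nothing reveals how many parties signed."""
    R, s = sig
    e = challenge(R, pubkey, msg)
    return ec_mul(s) == ec_add(R, ec_mul(e, pubkey))


def refresh_shares(p1, p2):
    """Proactive refresh: each party adds its own random offset and subtracts the
    other's, so both shares change while x, the public key and the address do not."""
    r1, r2 = secrets.randbelow(N), secrets.randbelow(N)
    p1.share = (p1.share + r1 - r2) % N
    p2.share = (p2.share + r2 - r1) % N
    p1.pub_share, p2.pub_share = ec_mul(p1.share), ec_mul(p2.share)


def demo(msg=b"spend 0.1 BTC to bc1qexample (constructed sample)"):
    """Keygen, sign, refresh, sign again; returns the checks a wallet relies on."""
    phone, server = Party(), Party()
    pk = joint_pubkey([phone, server])
    sig = threshold_sign([phone, server], msg)
    old_phone_share = phone.share
    refresh_shares(phone, server)
    return {
        "valid": verify(pk, msg, sig),
        "tampered_rejected": not verify(pk, b"spend 10 BTC", sig),
        "single_share_cannot_sign": not verify(pk, msg, threshold_sign([phone], msg)),
        "pubkey_stable_after_refresh": joint_pubkey([phone, server]) == pk,
        "share_changed": phone.share != old_phone_share,
        "valid_after_refresh": verify(pk, msg, threshold_sign([phone, server], msg)),
    }
```

Calling `demo()` returns a dictionary of booleans that should all be true. The point to notice is that `verify` is the plain single-key Schnorr check: the chain sees one ordinary signature and one ordinary public key, and after `refresh_shares` the old shares no longer combine to anything useful even though the address has not changed.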
Auditable Records Of Transaction
Monitoring transaction records and identifying which parties approved them is essential for crypto security. While MPC wallets run off-chain and leave no public trail of policy changes, the wallet itself keeps an auditable record of every signing request: which parties took part and when.
If you’re using an MPC wallet, these records come in handy for keeping track of the number of parties involved and the frequency and history of digital asset transfers.
No Digital Records Of Private Key
If you access digital assets through a hot wallet, you have to worry about attackers recovering your private key from a lost, stolen or discarded device such as a mobile phone, laptop, tablet or server.
Since a complete private key never exists on a single device with MPC, the risk of harvesting the key from any one such device is greatly reduced: an attacker would have to compromise a threshold of the parties' devices within the same refresh period.
Why Use an MPC Wallet?
Security
The single best reason for any investor to switch to an MPC wallet is security. Traditional cold or hot wallets have a private key that is held in full by a single device or entity.
With MPC, control of the key is spread across multiple parties. This suits digital asset holders of any scale, including financial institutions with large crypto holdings; Fireblocks, for example, builds its custody platform on MPC.
MPC Supports Multichain
MPC wallets support digital assets on any blockchain whose signature algorithm has a threshold variant, which today covers the ECDSA and EdDSA chains that make up most of the market. This removes the need to juggle different multisig designs and wallet software per chain, since a single Threshold Signature Scheme (TSS) can manage all of those assets.
Faster Transactions And Lower Fees
Initially, I was concerned about gas fees when operating an MPC wallet. With multisig wallets, gas fees are significantly higher when multiple operations are involved.
However, I found out this is not the same with MPC. While there is a higher number of users and operations involved, the transaction fees are the same or even lower.
Vulnerabilities Of MPC Wallet
I’ve spent several hours researching how MPC wallets tackle security breaches and whether there are any serious vulnerabilities. I found a research paper by Fireblocks that discovered a vulnerability within the GG18 algorithm.
GG18 (Gennaro and Goldfeder, 2018) is a threshold ECDSA protocol commonly used by exchanges to implement MPC wallets. The research also confirmed that the vulnerability had not been exploited before.
The root cause was the absence of a zero-knowledge range proof in the protocol's multiplicative-to-additive (MtA) step, the proof that stops a signer from feeding malformed values to the others.
A malicious party could use this gap to learn the other parties' key shares over a series of signing sessions, without those parties noticing anything wrong.
This would give the attacker the complete private key, resulting in a security breach and potential loss of assets.
Following this discovery, the vulnerability was patched, giving rise to the MPC-CMP protocol, which has improved security and efficiency.
So that said, it seems MPC wallets can be as safe as or safer than traditional crypto wallets like Ledger: they provide self-custody while removing the single private key whose loss or theft wipes out a conventional wallet. They do not remove operational risk altogether; you still depend on the vendor's implementation and on your recovery setup.
MPC vs Multisig (and Hardware Wallets): Similarities and Differences
The table below compares MPC with on-chain multisig, the other common way to split control of a wallet:

| Feature | MPC | Multisig |
|---|---|---|
| Key recovery | Yes | Yes |
| Adding or removing users without changing the address | Yes | No |
| Key share refreshing | Yes | No |
| Avoids single point of compromise | Yes | Yes |
| Protocol agnostic | Yes | No |
| Hardware support | No | Yes |
MPC Wallet FAQs
Multi-party computation (MPC) is a cryptographic technique that allows multiple parties to jointly compute a signature on a transaction using their private key shares without revealing those shares to each other.
MPC has a wide range of applications, including secure voting systems, data science, and secure multiparty financial transactions.
Sepior and Fireblocks are popular options for major financial institutions, and ZenGo is the most popular option for individuals to securely manage digital crypto assets.
MPC was first introduced in the ‘80s, when it was used to solve Yao's Millionaires’ Problem.
However, it has recently gained popularity among crypto investors for its threshold key-sharing technology.
MPC wallets are extremely difficult to hack, since they rely on threshold cryptography to split your private key into shares held by multiple parties, none of which can sign alone. Large-scale institutions have been using MPC to safely hold digital assets.
However, like with any other technology, MPC technology isn’t perfect. It’s never good to put all of your crypto into one basket, whatever the basket.
Multi-party computations have several practical applications, like secure voting systems, machine learning, and cloud computing.