Imagine if there were no private keys. Crypto assets could be accessed instantly and secured absolutely, with access and control assigned seamlessly to fit organisational or individual requirements.
This is the promise of multi-party computation (MPC); a paradigm shift in digital asset management that replaces cumbersome private keys with a magical mathematical process that is as trustless as blockchain transactions.
But beyond the buzzword, the reality of MPC is not so simple. While the tech has the potential to eliminate the Achilles’ heel of digital assets, poor implementations risk replicating the same problems of cold storage and hot wallets, leaving assets exposed to the threat of hacks and corruption.
The innovation of MPC
Instead of using cryptography just to conceal information, which dates back as far as Greek tyrant Histiaeus who hid messages on the scalps of his slaves’ heads, MPC takes the process one step further — letting other entities compute with the data without revealing it.
This cryptographic leap forward was dreamed up by Chinese computer prodigy Andrew Yao in 1986, and then experimented with for 20 years before algorithmic advances made it viable. Since then, the tech has been used for applications like medical research and machine learning that balance sharing data for the public good, while keeping personal information private.
But where the tech has found the most traction is in the managing of private keys. By signing transactions with separate nodes that collaborate without recreating the private key in its complete form, MPC provides instant accessibility with no compromise to security.
This lets traders seamlessly map digital assets to organisational workflows, and deploy new trading strategies, including near-instant arbitrage, rapid-fire algorithmic strategies, and the staking of assets in DeFi protocols.
What to look for in an MPC solution?
With four decades of academic research to draw from, all MPC implementations for private key management should be built on a solid theoretical foundation.
Today, most MPC protocols rely on the industry-standard: Gennaro and Goldfeder’s algorithm (MPC-GG18), which has been extensively peer-reviewed. Other implementations like RZL sMPC are not yet thoroughly tested.
The correct procedure should be followed for implementation; code should first be developed from the academic papers, then reviewed by professionals and made open-source. Only after all of these steps should it be deployed.
As MPC is still evolving, it is also important to make sure that the implementation is up to speed with the latest features:
- Gennaro V2 – includes enhanced security features like ‘identifiable abort’ that can identify bad actors and exclude them from the calculations.
- Key rotation – between MPC nodes make the protocol a moving target, preventing stale key shares from lying around that could be gathered, and making it extremely unlikely that a malicious actor could steal all the key shards.
However, the key difference between MPC implementations is not in the MPC protocol itself, but in the way, the MPC nodes are controlled.
Cloud and Database MPC
The first generation of MPC custody solutions hosts the MPC process in databases or in the cloud, with private key material distributed between cloud providers or customer hardware.
The problem with these centralised MPC implementations is that the technology provider is privy to customer transactions, and the MPC process is vulnerable to external and internal attack vectors.
When MPC nodes are centralised on the infrastructure of one organisation, they control all the signatories, meaning they might as well be holding your private key. This creates enormous counterparty risk, as assets are not fully protected from internal employees gone rogue, cloud providers, or other colluding partners that might decide to empty the wallet, as we saw with catastrophes of Bithumb and QuadrigaCX.
At the same time, external hackers can exploit hardware vulnerabilities. For example, SGX cloud infrastructure has been repeatedly breached, with multiple researchers managing to crack open the servers and retrieve cryptographic keys.
So while these implementations can make digital assets faster to access and more convenient, they risk replicating the same security problems of centralised private key management.
Consensus-driven MPC
As the MPC process relies on independent nodes, the only way to securely implement MPC is to retain their independence. A select few projects aim to achieve this by distributing MPC nodes around the world, on different data centres managed by independent companies, with the nodes controlled by blockchain consensus.
This decentralised approach can be implemented by leveraging MPC across a Layer 2 blockchain network. Instead of recording ownership rights of digital assets in a centralised database or on vulnerable cloud infrastructure, a blockchain solution records ownership rights on an immutable distributed ledger. MPC protocol generates multiple independent secrets from the private key, which are then distributed between MPC Nodes that are co-ordinated by blockchain consensus. In this setup, each MPC Node can be housed in custom hardware in a security-hardened tier 4 data centre, in financial hubs worldwide, from London to Chicago and Hong Kong.
When a trader wants to withdraw an asset, they coordinate with their appointed custodians via the network to confirm the asset ownership, creating a blockchain consensus that enables the asset owner to invoke the MPC Nodes to run the MPC protocol. The MPC protocol then creates a digital signature for the underlying blockchain to send digital assets from that address.
About Qredo
Qredo is a cross-chain liquidity protocol that provides secure decentralised custody and a layer-2 peer-to-peer trading network. As Qredo progresses on the journey to decentralisation, the network of MPC nodes will come under the governance of a DAO, with all operations overseen by a community of liquidity providers. This will create an independent, censorship-resistant life form, where no single entity is able to hold sway over operations on the Qredo network.
Read more about how Qredo implements MPC over ECDSA signatures.
AUTHOR(S)