Multi-signature wallets have become the norm for companies managing cryptocurrencies, as they protect assets better than single-key wallets. Recently, however, breakthroughs in Multi-Party Computation (MPC) have set the stage for a new generation of key management.
MPC is now being praised as 'the holy grail of both security and usability', according to Michael J. Casey, senior advisor for blockchain research at MIT's Digital Currency Initiative.
But, as with most technological developments, misinformation and confusion are common in the early stages. We build on the most cutting-edge developments in MPC, and we have spent a significant amount of time informing customers, regulators and other partners about its use cases and usage scenarios.
In this article we'll look at some of the reasons we believe MPC and threshold signatures have overtaken multi-sig technology and ultimately provide the flexibility and security required to be the future of private key protection.
1. MPC Has No Single Point of Failure
Similar to a multi-sig setup, the private key in an MPC-based system is never held in one location. It exists only as key shares distributed across separate parties (devices, servers or people), and the signature is computed jointly without ever assembling the full key. Compromising any one share holder, whether by an external attacker or by an insider, does not yield the key, and fraud requires collusion by at least the threshold number of share holders; no single employee, or group smaller than the threshold, can move digital assets on their own.
2. MPC Solutions Are Protocol Agnostic
Not many cryptocurrency protocols support multi-sig natively, and those that do implement it in very different ways (Bitcoin in script, Ethereum in smart contracts). This makes it harder for multi-sig providers to support new chains.
Furthermore, some wallets and exchanges do not accept transfers originating from a multi-sig smart contract, because such transfers appear as internal contract calls rather than plain transactions. This causes friction with exchanges when funds are sent from an address backed by a multi-sig smart contract.
MPC, by contrast, produces a standard signature under the digital signature algorithms already used across most blockchains (ECDSA on most chains, EdDSA on others), so the chain sees an ordinary single-key signature and never needs to know that the key is shared. Note that ECDSA and EdDSA are two different algorithms, each requiring its own threshold protocol, but both are standard, so an institution using MPC can quickly and easily incorporate new currencies onto its platform.
3. MPC Technology Has Academic Validation & Practical Implementation
While MPC was applied to cryptocurrency wallets only relatively recently, it has been an area of academic study since the early 1980s and has been through decades of public peer review.
With this in mind, the leading companies that utilize MPC have enlisted, and invested heavily in, independent cryptographic assessment and penetration testing providers, such as NCC Group, to review their implementations.
Because the MPC implementation is agnostic to the blockchain protocol (see point 2 above), there is a single signing code path to audit, and each revision improves it for all protocols at once. This is not the case for on-chain multi-sig solutions, where each protocol requires its own implementation, each of which has to be reviewed separately.
There are a few well-known instances of inadequate multi-sig implementations failing:
The Parity multi-sig wallet (July 2017) – an initialisation function left reachable through delegatecall let attackers take ownership of wallets and drain around $30 million in Ether, one of the biggest wallet hacks to that point.
Parity wallet hacked (again) (November 2017) – a user took ownership of the shared library contract and self-destructed it, permanently freezing $300m worth of Ether in the wallets that depended on it. Some customers lost up to 300k in digital currency.
Bitcoin multi-sig check vulnerability – researchers found a flaw in a Bitcoin multi-sig check implementation that was introduced in development environments. Despite the widespread reuse of this code base, the vulnerability still exists.
4. MPC Technology Offers Better Operational Flexibility
As your company grows, you will have to adjust how your digital assets are accessed and transferred. This includes deciding how many employees must sign a transaction, adding key shares when you hire new employees, revoking shares after employees leave, and modifying the threshold required to sign (e.g. from '3 of 4' to '4 of 8').
Here multi-sig addresses can create a number of problems for your business, because the signing scheme is fixed when the wallet is created.
Once the wallet exists, its 'M of N' structure cannot change. If you hire a new employee and want to change a multi-sig wallet from '3 of 4' to '3 of 5', for example, you would have to:
a. Create a new wallet with the new scheme
b. Transfer all your assets to the new wallet
c. Notify all your counterparties that your wallet address has changed.
Step (c) can be very challenging and risky, since counterparties might accidentally transfer funds to the old deposit address. Unless you have kept the old wallet's keys alive indefinitely, funds sent there are lost forever.
In contrast, MPC allows the signing scheme to be revised and maintained on an ongoing basis. Changing from a '3 of 4' set-up to any other set-up requires the current share holders to agree to a new distributed computation (a resharing) that issues fresh shares, including one for the new user, while the underlying key, and therefore the blockchain wallet address (deposit address), stays the same. This means that:
You don’t have to make a new wallet
You don’t have to move any money
Your counterparties will continue to use your existing address
This makes expanding operations or changing how your team works effortless. It also eliminates the chance of losing funds as a result of critical operational changes.
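To make the threshold argument in point 1 and the resharing argument in point 4 concrete, here is an added example (not code from the original article or from any wallet provider) using Shamir secret sharing over the secp256k1 group order, the arithmetic that threshold signature schemes are built on. Assumptions: party ids are 1..n, shares are plain integers held by the parties, and `reconstruct` is used only to check the math; a real threshold signing protocol generates the key with distributed key generation and signs without ever reconstructing it. The example goes beyond the page's '3 of 4' to '3 of 5' case: it also tightens to '4 of 8' and shows that a departed signer's old share cannot be combined with the new ones.

```python
import secrets

# Field for the shares: the order of the secp256k1 group, so the shared secret is a
# valid ECDSA private key and the public key (hence the address) is sk*G.
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def _poly_eval(coeffs, x):
    """Evaluate a polynomial over Z_Q (coeffs[0] is the constant term) by Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc


def split(secret, t, n):
    """Shamir t-of-n split of `secret`; returns {party_id: share} for party ids 1..n.

    The secret sits at f(0); t-1 random coefficients make any t-1 shares
    information-theoretically independent of it.
    """
    if not 1 <= t <= n:
        raise ValueError("need 1 <= t <= n")
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: _poly_eval(coeffs, i) for i in range(1, n + 1)}


def lagrange_at_zero(ids):
    """Lagrange weights w_i such that f(0) = sum(w_i * f(i)) over the given party ids."""
    weights = {}
    for i in ids:
        num, den = 1, 1
        for j in ids:
            if j != i:
                num = num * (-j) % Q
                den = den * (i - j) % Q
        weights[i] = num * pow(den, -1, Q) % Q
    return weights


def reconstruct(shares):
    """Interpolate f(0) from {party_id: share}. Used here only to check the math;
    a threshold signing protocol never performs this step."""
    w = lagrange_at_zero(list(shares))
    return sum(w[i] * s for i, s in shares.items()) % Q


def reshare(qualified_shares, new_t, new_n):
    """Move the key from its current scheme to new_t-of-new_n without assembling it.

    `qualified_shares` are the shares of a threshold-sized set of current parties.
    Each of them re-splits its own share into a fresh new_t-of-new_n polynomial and
    sends piece j to new party j; new party j sums the pieces it received, weighted
    by the old set's Lagrange weights. The combined polynomial has the original key
    at 0 but fresh randomness everywhere else, so the new shares reconstruct the same
    key (same address) yet are unrelated to the old ones: a departed employee's old
    share is worthless afterwards.
    """
    w = lagrange_at_zero(list(qualified_shares))
    new_shares = {j: 0 for j in range(1, new_n + 1)}
    for i, s_i in qualified_shares.items():
        pieces = split(s_i, new_t, new_n)          # party i's contribution
        for j in range(1, new_n + 1):
            new_shares[j] = (new_shares[j] + w[i] * pieces[j]) % Q
    return new_shares


def demo():
    """3-of-4 scheme, hire a fifth signer (3-of-5), then tighten to 4-of-8."""
    sk = secrets.randbelow(Q)      # in real MPC the key is never materialised like this
    shares = split(sk, 3, 4)
    assert reconstruct({i: shares[i] for i in (1, 2, 4)}) == sk        # any 3 suffice
    assert reconstruct({i: shares[i] for i in (1, 2)}) != sk           # 2 reveal nothing

    five = reshare({i: shares[i] for i in (1, 3, 4)}, 3, 5)            # 3 parties cooperate
    assert reconstruct({i: five[i] for i in (2, 3, 5)}) == sk          # same key, same address
    assert reconstruct({1: shares[1], 2: shares[2], 3: five[3]}) != sk # old + new do not mix

    eight = reshare({i: five[i] for i in (1, 2, 5)}, 4, 8)
    assert reconstruct({i: eight[i] for i in (2, 4, 6, 8)}) == sk
    return sk, shares, five, eight


if __name__ == "__main__":
    demo()
    print("key preserved across 3-of-4 -> 3-of-5 -> 4-of-8 resharing")
```

Because every party's new share is a fresh random point, old shares must simply be deleted after a resharing; they no longer lie on the polynomial that the live shares interpolate, which is what makes revoking a leaver's share safe without touching the deposit address.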
5. MPC Allows for the Lowest Transaction Fees
Wallets based on multi-sig, whether Bitcoin P2SH multi-sig or Ethereum smart-contract multi-sig, incur higher fees than regular single-key transactions: a Bitcoin multi-sig input carries several signatures and public keys, and an Ethereum multi-sig spends gas executing contract code on every transfer.
An MPC wallet appears on the blockchain as a single ordinary address, with the distributed signature computation taking place off-chain. Its transactions are therefore the same size and cost as single-key transactions, the lowest fee possible.
This is critical when handling hundreds of transactions per day, especially in B2C applications.
6. MPC-Based Solutions Provide for Hidden Signatures and Off-Chain Accountability
Accountability is probably the most misunderstood aspect of MPC-based systems.
Although on-chain transparency about who signed might sound desirable for a company, it actually introduces a range of privacy concerns, and a security issue as well, since it immediately discloses the workflow and signing scheme to everyone.
Institutions may not want to reveal who is able to sign, how many signers exist, how many are required to sign, or any other sensitive information, because it creates physical attack surfaces against the organization.
MPC instead provides off-chain accountability: each co-signing component can verify which key shares participated in a signing, without any of this being made public. For instance, some providers keep an audit record of the shares that participated in each signing, and customers who wish to can keep their own audit log as well.
In addition, because of the fee and mutability restrictions above (see points 4 and 5), some enterprise wallet providers using on-chain multi-sig can only offer a fixed '2 of 3' scheme for their hot wallets, regardless of the customer's organizational structure and rules.
Typically one share is held by the wallet provider, one by the customer and one as a backup. Because the customer's single share is used by all of the customer's users, when a transaction is signed there is no cryptographic evidence of which user used that share, so any claim of 'accountability' is untrue.
MPC-based solutions, which can give each user their own share, eliminate this flaw and produce a complete and accurate record that supports real accountability.
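As an added illustration of the off-chain accountability described above (this is example code, not the article's or any provider's implementation), the following builds an append-only signing audit log in which every approval is tagged with the approving party's own audit key and chained to the previous entry. Assumptions: each key share belongs to a party with its own audit key, the party ids and the transaction are constructed for the example, and HMAC stands in for the per-party signature a production system would use, so only an auditor holding the audit keys can verify the log (non-repudiation towards third parties would need per-party asymmetric signatures instead). The demo contrasts a per-user MPC setup, where the log names every participant, with a fixed '2 of 3' scheme in which all of the customer's staff use one shared share and the log can only ever say 'customer'.

```python
import hashlib
import hmac
import json
import secrets

GENESIS = "0" * 64


def _canon(obj):
    """Canonical JSON so every party hashes exactly the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def tx_digest(tx):
    """Digest of the transaction being signed (stands in for the signing hash the
    MPC protocol operates on)."""
    return hashlib.sha256(_canon(tx)).hexdigest()


class SigningAuditLog:
    """Off-chain, append-only record of which key shares took part in each signing.

    Each approval is tagged by the approving party with its own per-share audit key
    (HMAC here; a per-party asymmetric signature would add non-repudiation), and each
    entry commits to the previous one, so an auditor holding the audit keys can tell
    who participated and whether the log was edited afterwards. None of this reaches
    the chain, which only ever sees a single ordinary signature.
    """

    FIELDS = ("session", "party", "tx_digest", "prev")

    def __init__(self, audit_keys):
        self.audit_keys = dict(audit_keys)   # party id -> secret audit key (bytes)
        self.entries = []

    def _tag(self, party, body):
        return hmac.new(self.audit_keys[party], _canon(body), hashlib.sha256).hexdigest()

    def record_approval(self, party, session_id, tx):
        """Append party's approval of tx within signing session session_id."""
        prev = self.entries[-1]["entry_hash"] if self.entries else GENESIS
        body = {"session": session_id, "party": party, "tx_digest": tx_digest(tx), "prev": prev}
        entry = dict(body, tag=self._tag(party, body))
        entry["entry_hash"] = hashlib.sha256(_canon(entry)).hexdigest()
        self.entries.append(entry)
        return entry

    def verify(self):
        """Walk the chain; return (True, None) or (False, index of the first bad entry)."""
        prev = GENESIS
        for idx, e in enumerate(self.entries):
            body = {k: e[k] for k in self.FIELDS}
            if e["prev"] != prev or e["party"] not in self.audit_keys:
                return False, idx
            if not hmac.compare_digest(e["tag"], self._tag(e["party"], body)):
                return False, idx
            if hashlib.sha256(_canon(dict(body, tag=e["tag"]))).hexdigest() != e["entry_hash"]:
                return False, idx
            prev = e["entry_hash"]
        return True, None

    def participants(self, session_id, tx):
        """Parties whose shares approved tx in session_id, after checking log integrity."""
        ok, bad = self.verify()
        if not ok:
            raise ValueError(f"audit log tampered at entry {bad}")
        d = tx_digest(tx)
        return sorted(e["party"] for e in self.entries
                      if e["session"] == session_id and e["tx_digest"] == d)


def demo():
    tx = {"to": "0x" + "ab" * 20, "value_wei": 10**18, "nonce": 7}   # constructed transaction

    # MPC wallet, 3-of-4: every signer holds its own share and its own audit key
    # (hypothetical party ids).
    per_user = SigningAuditLog({p: secrets.token_bytes(32)
                                for p in ("ceo-laptop", "cfo-phone", "ops-server", "backup-hsm")})
    for p in ("cfo-phone", "ops-server", "ceo-laptop"):
        per_user.record_approval(p, "sess-0001", tx)
    attributed = per_user.participants("sess-0001", tx)   # names all three approvers

    # Fixed 2-of-3 multi-sig where all of the customer's staff share one "customer" share:
    # an employee approves, but the record can only ever say "customer".
    shared = SigningAuditLog({p: secrets.token_bytes(32) for p in ("provider", "customer", "backup")})
    shared.record_approval("customer", "sess-0002", tx)   # Alice, but the log cannot know
    shared.record_approval("provider", "sess-0002", tx)
    unattributed = shared.participants("sess-0002", tx)

    # Tamper attempt: an insider rewrites history to pin their approval on the backup share.
    per_user.entries[1]["party"] = "backup-hsm"
    ok, bad = per_user.verify()
    return attributed, unattributed, ok, bad


if __name__ == "__main__":
    print(demo())
```

The attribution comes entirely from the per-party audit keys: move the signing scheme to one share per user (as point 4's resharing allows) and the same log names individuals; keep one shared customer share and no amount of logging can recover who pressed the button.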
7. MPC Technology Reinforces Hardware Isolation
Hardware isolation mechanisms (HSMs and secure enclaves) are an essential way to protect cryptographic material when the surrounding system is compromised. On their own, however, they are not the most secure way to protect your private keys.
In the same way, MPC alone is only part of the overall solution.
This has given rise to a belief that MPC and HSMs are substitutes for one another.
On the contrary, combining MPC with hardware isolation mechanisms such as HSMs is essential precisely because HSMs alone are not bulletproof (see this analysis of HSM technology).
Moreover, HSM-based implementations have a structural weakness: if the authentication token is stolen or the HSM client is compromised, an attacker can take over the wallet. Compromising the client's credentials or the code that builds transactions is all it takes, and neither lives inside the HSM; the HSM will faithfully sign whatever an authenticated client asks it to.
We combine MPC and HSM technologies to substantially strengthen the system and create real defense in depth.
All MPC key material is distributed across hardware-isolated servers running Intel SGX (Intel's secure enclave) and mobile device secure enclaves (TEEs). In addition, both the MPC algorithm and the policy engine execute inside the enclave, preventing external and internal attackers from tampering with the algorithm's execution or the policy engine.
Conclusion
Institutions know that to compete and stay competitive, there can be no compromise on either security or accessibility. MPC technology allows companies to capture market opportunities and deploy their digital assets with a level of safety that was not possible before.