The idea of securing assets by distributing the power of transaction verification at the upper level, and adding cryptography to secure information packets and sender information at the deeper level, goes back as far as the 80s.
After the proliferation of blockchain-built applications and the digital assets they support, the need to install cryptography in and around processes like the following became evident:
- computing problems and sharing the output with different parties
- requiring two or more entities to confirm an action
- masking the signature of the party involved in the action
- concealing the information input by each party
This form of cryptography, termed Multi-Party Computation (MPC), has set a new vision for solving the much-debated areas of data security and privacy, critically for the use case of digital asset wallets.
Lately, MPC has emerged as a definitive addition to any digital asset wallet security system, adding incremental parameters of security and functionality.
The problems faced by everyone transacting in digital assets and protecting private keys, including individuals, institutions and enterprises, are being directly resolved with MPC, which explicitly provides privacy and accuracy.
Ideally, we would discuss the technological stack briefly, but MPC, even as a stand-alone feature, is too large to cover in a single go. Hence we present a two-part blog where we dissect the basic anatomy of MPC-powered wallet systems and the additional intelligence we have incorporated.
Functioning Definition of MPC
MPC wallets function in a completely different way from the traditional method of generating a single key and seed phrase. The process involves distributing ownership of a private key among multiple parties, whereby the key is split into shards held by different entities.
Now, when a transaction is called for, a valid signature is produced when all the parties contribute their key shares to compute and execute the transaction.
Digital assets such as cryptocurrencies and NFTs are notorious for being susceptible to hacks and thefts, since most security standards followed by Web3 wallets fall under the category of single point of failure, which hardly fits the domain's overall identity of decentralization.
MPC also protects those who participate as official signers, since the input from signers is masked and each key share is just one part of the puzzle and useless on its own.
An earlier and more original version of MPC, called Secure MPC, directed a combination of parties to take an arbitrary data sample and compute a function while maintaining the anonymity of the parties at all times.
Mathematically dissecting this problem establishes a relationship between the information sent and the one who authorizes the computation protocol. As mentioned before, this comes down to two key aspects:
- Privacy: All inputs are kept secret and are not disclosed to the other parties
- Accuracy: The final output is always the correct result of the function when the inputs are correct
Adoption of MPC By Institutions At Large
Given the ability of Multi-Party Computation to bring operational flow into a conceptually secured framework, it has been integrated throughout major institutions vested in digital assets.
Institutional interest in MPC stems from two needs that represent serious bottlenecks when looking to push digital assets to the masses:
- Secured Treasury: Apart from the whales and absolute degens, centralized or decentralized institutions are the ones that carry a major portion of liquidity, putting their wallets at paramount risk. Unfortunately, all the existing solutions seem distinctive and deterrent, making MPC a fitting piece of technology to integrate their wallets with, fortifying their key wallets (hot/cold/warm) against theft attempts.
- Distributed Governance: Institutional operations involve distributing authorization across various departments, and when it comes to finances this distribution becomes even more significant. MPC brings multiple parties from the same organization into an m-of-n key scheme that validates a transaction when a set threshold is met. Additionally, only the transaction signature is submitted on-chain, protecting the parties involved in governance (the signers for a transaction).
Not only does the practical application of MPC in an institutional setting make sense, but the ease of integrating it into an existing, interoperable architecture also drives its adoption.
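The key sharding and m-of-n signing described above can be seen end to end in the following added example, which is not Liminal's code or any production protocol. It assumes a Schnorr-style signature over a deliberately tiny constructed group, hypothetical function names, and a dealer who splits the key for brevity; real MPC wallets generate shares jointly and add nonce commitments.

```python
import hashlib
import secrets

# Toy group (constructed, far too small for real use): P = 2Q + 1, G has order Q.
P, Q, G = 2039, 1019, 4

def shamir_split(secret, m, n):
    """Split secret into n shares; any m of them suffice. Returns {index: share}."""
    # Nonzero coefficients keep the polynomial non-constant in this tiny field.
    coeffs = [secret] + [secrets.randbelow(Q - 1) + 1 for _ in range(m - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def lagrange_at_zero(i, signers):
    """Lagrange coefficient of share i for the given signer set, evaluated at 0."""
    num = den = 1
    for j in signers:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def challenge(R, y, msg):
    """Hash the nonce, public key and message into a nonzero exponent."""
    digest = hashlib.sha256(f"{R}|{y}|".encode() + msg).digest()
    return int.from_bytes(digest, "big") % (Q - 1) + 1

def threshold_sign(shares, signers, y, msg):
    """Each signer uses only its own share; the full key is never assembled."""
    nonces = {i: secrets.randbelow(Q - 1) + 1 for i in signers}  # private per signer
    R = 1
    for i in signers:
        R = R * pow(G, nonces[i], P) % P          # combine the public nonce values
    e = challenge(R, y, msg)
    s = sum(nonces[i] + e * lagrange_at_zero(i, signers) * shares[i]
            for i in signers) % Q                 # sum of partial signatures
    return R, s

def verify(y, msg, sig):
    R, s = sig
    return pow(G, s, P) == R * pow(y, challenge(R, y, msg), P) % P

def demo():
    x = secrets.randbelow(Q - 1) + 1              # dealer-generated key (simplification)
    y = pow(G, x, P)
    shares = shamir_split(x, m=2, n=3)
    msg = b"move 5 units to cold wallet (constructed)"
    return (verify(y, msg, threshold_sign(shares, [1, 3], y, msg)),   # quorum of 2
            verify(y, msg, threshold_sign(shares, [2], y, msg)))      # single signer
```

Only `R` and `s` would ever be published, which matches the point that the chain sees a signature and not the individual signers' inputs.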
Institutions are aligned more towards solutions that can be added on top of their existing infrastructures as compared to building new ones, which is why MPC quickly transformed into an API-level integration for organizations.
Interoperability is also a mandatory upgrade for any institution today because of the success of a multitude of layer-1 and layer-2 chains, each assembling siloed communities. To create a large ecosystem and wider user accessibility, multi-chain asset availability is paramount to institutions.
All in all, it is safe to say that MPC has attained a newfound space between Institutions, Investors and Wallet Security Infrastructures.
Fostering A Radicalized MPC-As-A-Service
The way digital assets have been subjected to an array of hacks and loss of funds within organizational settings has created a need to standardize wallet security measures.
From centralized exchanges to decentralized applications, from market makers to fund managers, everyone is looking to adopt a holistic deployment of their wallets and, most definitely, to integrate MPC into their existing wallet infrastructure.
Driven by the vision of empowering institutions to push digital assets to their maximum potential, we are working exclusively on technologies that provide asset security on a multi-dimensional level, MPC being a foundational one. We are not only building it as a white-label solution but also adding efficiency and optimization so that it can be applied at scale in a feasible way.
On a practical level, our MPC services cover everything institutions require to securely manage their wallets, add governance layers to their administrative authority distribution, transfer assets efficiently across wallets and sign transactions on the move.
But for the sake of this three-part series, we’ll keep the spotlight on how we at Liminal are instituting institutional precedence on transactional governance.
Governance Consensus For MPC
At Liminal, we have identified how to make MPC more practical for signers and to extract governance consensus in a seamless fashion. Throughout our wallet ecosystem, we have made sure to smooth the signers' interaction with the interface for two crucial actions:
- Setting up policies with our custom-built Policy Engine: To extend the use case of MPC, we have created an add-on on top of MPC to implement business-oriented policies, based on pattern recognition and data analysis, that can execute on their own. Institutions don't rely on one mode of wallet but integrate a suite of wallets (Hot, Cold and Warm) to diversify their portfolio and reduce pressure on susceptible wallets like Hot and Warm. But transferring assets between these wallets has to be done manually and mutually, which is a cumbersome process. We have replaced this manual process with a code-executed policy engine that can set parameters for whitelisting addresses, transaction limits, wallet refills and fund swaps between different wallets. Although setting these policies is in the hands of the wallet admin, once signers are added they have to approve each transaction, up to a pre-set threshold of signers; only then can the policies be executed or transacted.
- Transaction Signing Flexibility: Most MPC solutions are primarily built for web usage, which means all signing and validation by the signer has to be done on a desktop. This creates a lag in signing activity and a possible delay in processing transactions, which can affect wallet balances and cause downtime and stuck user transactions. To solve the problem of instant signing, we have developed a mobile app, Liminal Vaults, that supports MPC wallets and allows signing and validating transactions and policies on the go. Moreover, to keep the security parameters intact, we have designed the mechanism so that a transaction or a policy setup cannot be initiated from the mobile app, as it is much simpler to gain anonymous access to a mobile phone than to a computer system. Hence, the initiation step has to be done via a computer system, and the request can then be completed faster on Liminal's mobile app.
Both of the integrations mentioned above, which we have built to complement our MPC, show how we are preparing solutions for institutions for greater redundancy and deploying defence structures around MPC to foster greater efficiency in the day-to-day tasks that admins and other team members run to manage and optimize wallets.
Our stance on providing simplified governance, by streamlining the signer journey from initiating a policy or transaction, to broadcasting it to other validators, and finally confirming it through any device possible, carries into our implementation as well.
When you come back for part two of this blog, there will be some new integration types to talk about, and another look at the accessibility of MPC as a service for Web3 wallets at the general and institutional levels.
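The two controls above combine into a single authorization decision, sketched here as an added example that is not Liminal's Policy Engine or its API. The class names, field names, addresses and signer identities are all hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Policy:                        # hypothetical structure, not Liminal's schema
    whitelist: set                   # destination addresses the admin has approved
    per_tx_limit: int                # maximum amount, in the asset's smallest unit
    signers: set                     # identities allowed to approve
    threshold: int                   # approvals required (the m in m-of-n)

@dataclass
class TxRequest:
    destination: str
    amount: int
    initiated_from: str              # "desktop" or "mobile"
    approvals: list = field(default_factory=list)    # (signer, channel) pairs

def evaluate(policy, tx):
    """Return the list of denial reasons; an empty list means the request may proceed."""
    reasons = []
    # Requests may be approved on mobile but must originate from a desktop session.
    if tx.initiated_from != "desktop":
        reasons.append("initiation is only allowed from desktop")
    if tx.destination not in policy.whitelist:
        reasons.append("destination not whitelisted")
    if tx.amount <= 0 or tx.amount > policy.per_tx_limit:
        reasons.append("amount outside transaction limit")
    # Count each authorized signer once, whatever device they approved from;
    # duplicate approvals and unknown identities do not move the count.
    distinct = {s for s, _channel in tx.approvals if s in policy.signers}
    if len(distinct) < policy.threshold:
        reasons.append(f"{len(distinct)} of {policy.threshold} required approvals")
    return reasons

def demo():
    policy = Policy({"addr-cold-1"}, 1_000, {"alice", "bob", "carol"}, 2)
    ok = TxRequest("addr-cold-1", 400, "desktop",
                   [("alice", "mobile"), ("bob", "desktop")])
    padded = TxRequest("addr-cold-1", 400, "desktop",
                       [("alice", "mobile"), ("alice", "desktop"), ("mallory", "mobile")])
    from_phone = TxRequest("addr-x", 5_000, "mobile", [("alice", "mobile")])
    return evaluate(policy, ok), evaluate(policy, padded), evaluate(policy, from_phone)
```

Returning every failed check instead of stopping at the first gives the audit log a complete picture of why a request was refused.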
Through MPC’s key management system, it single-handedly eliminates a single point of failure, the flexibility of securing assets on-chain and off-chain and
The use of multi-party computation ensures that attackers cannot transfer funds without authorization unless they compromise all parties simultaneously. MPC technology has been studied for years and allows parties to compute functions while keeping their data private. The “Millionaire’s Problem” serves as an early demonstration of MPC, where co-workers determine the highest earner without revealing individual salaries.
MPC wallets offer privacy, as individual inputs remain confidential and cannot be inferred from the output. Additionally, the protocol guarantees correctness, ensuring accurate results as long as all participants act honestly. With these features, MPC wallets provide enhanced security for institutional users seeking to protect their digital assets.