Multi-signature wallets have become the norm for organizations managing cryptocurrency, as they offer better asset security than single-key wallets. Recently, however, advances in Multi-Party Computation (MPC) cryptography have begun to usher in a new era of key management.
MPC has been described as the “holy grail” of both usability and security, according to Michael J. Casey, senior advisor for blockchain research at MIT’s Digital Currency Initiative.
As with most new technologies, the early stages bring confusion and misinformation. Because we build on the most advanced MPC techniques, we have spent a significant amount of time educating customers, regulators, and partners about its implementation and use cases.
In this post we go over the reasons we believe threshold/MPC signatures outperform multi-sig technologies and will ultimately deliver the flexibility and security required to become the future of private key security.
1. MPC Doesn’t Have a Single Point of Failure
As in a multi-signature configuration, the private key of an MPC-based application is never held in one location: it exists only as shares distributed across parties. This protects the key from compromise by external attackers as well as from internal corruption and fraud, and prevents any employee, or group of employees, from stealing digital assets.
2. MPC Solutions Are Protocol Agnostic
Some cryptocurrency protocols do not support Multi-Sig at all, and those that do implement it differently from one another. This makes it difficult for Multi-Sig providers to accommodate new chains.
Furthermore, not all wallets support receiving funds from Multi-Sig smart contracts, which causes a variety of issues and friction with exchanges when funds are sent from a Multi-Sig smart contract address.
MPC, by contrast, operates at the level of the standard digital signature schemes (ECDSA and EdDSA) used across most blockchains, which makes it applicable to many chains at once. Institutions that use MPC can therefore onboard new cryptocurrencies onto their platform quickly and easily.
3. MPC Technology Has Academic Validation and Practical Implementation
Although MPC was applied to cryptocurrency wallets only relatively recently, it has been a focus of academic research since the early 1980s and has been subject to extensive public peer review.
With this in mind, all companies that use MPC have engaged and invested heavily in cryptographic assessment and penetration testing providers, such as NCC Group, to review their systems.
Because an MPC implementation is independent of the blockchain protocol (see the previous section), the risk of attack is small, and every revision improves the implementation for all supported protocols at once. This is not the case for on-chain Multi-Sig solutions, where each protocol requires the wallet provider to write different code.
There are several well-known instances of poor Multi-Sig implementations going wrong:
The Multi-Sig Parity Wallet – A flawed implementation allowed attackers to take around $30m worth of Ethereum, one of the largest wallet hacks up to that point.
Parity Wallet Hacked (Again) – An attacker again gained access to the wallet and froze $300 million worth of Ethereum; some customers lost as much as 300k in digital currency.
Potential vulnerabilities in Bitcoin Multi-Sig – A team of researchers discovered a flaw in a Bitcoin Multi-Sig check implementation used in development environments; despite the popularity of this code base, the vulnerability exists.
4. MPC Technology Offers Better Operational Flexibility
As your organization grows, you will need to change how your digital assets are accessed and moved: deciding how many employees must sign a transaction, adding key shares as you hire new employees, revoking key shares as employees leave, and changing the signing threshold (e.g. from ‘3 of 4’ to ‘4 of 8’).
Here Multi-Sig addresses present a number of challenges, because the signing structure is bound to the on-chain wallet address itself.
Once a Multi-Sig wallet is created, its ‘M of N’ structure is fixed. If, for example, a new employee is hired and you need to change your wallet’s sign-off from ‘3 of 4’ to ‘3 of 5’, you would have to:
a. Create a brand new wallet using the new scheme
b. Move all your assets to the new wallet
c. Notify all your counterparties that your wallet address has changed.
Step (c) is extremely difficult and risky, since counterparties might accidentally send funds to the old deposit address. If that happens, the funds are lost forever.
MPC, by contrast, allows the signature scheme to be modified and maintained on an ongoing basis. Changing from a ‘3 of 4’ setup to a different one only requires the existing share holders to take part in a new distributed computation that generates the new user share. The blockchain wallet address (deposit address) stays the same, which means that:
You don’t need to create a new wallet
There is no need to transfer any money
Your co-signers can continue to use your existing address
This makes scaling up operations or changing how your team works frictionless, and ultimately reduces the risk of losing funds during critical operational changes.
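To make the section-4 procedure concrete, here is an added Python illustration (not the page's or any wallet vendor's code) of threshold key resharing with Shamir secret sharing over a prime field. A 3-of-4 sharing is converted to a 3-of-5 sharing after a new hire without the secret ever being reassembled, so the secret, and therefore the public key and deposit address derived from it, is unchanged. The prime field, the share indices and the sample key value are assumptions of this example; a real threshold-ECDSA/EdDSA deployment works in the curve's scalar field, but the resharing arithmetic is the same.

```python
"""Threshold key resharing with Shamir secret sharing (added illustration).

Mirrors the page's 3-of-4 -> 3-of-5 scenario: existing holders cooperate to
produce shares for a new threshold without any party learning the secret.
"""
import secrets

# Illustrative prime field (2^61 - 1), our own choice. A real ECDSA/EdDSA key
# share would live in the curve's scalar field; the arithmetic is identical.
P = (1 << 61) - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial (coeffs[0] is the constant term) at x, mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split(secret, t, n):
    """Shamir split: n shares (x, y), any t of which reconstruct `secret`."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def _lagrange_at_zero(xs, i):
    """Lagrange basis coefficient for point xs[i], evaluated at x = 0."""
    num, den = 1, 1
    for j, xj in enumerate(xs):
        if j != i:
            num = num * (-xj) % P
            den = den * (xs[i] - xj) % P
    return num * pow(den, P - 2, P) % P


def reconstruct(shares):
    """Interpolate the constant term (the secret) from the given shares."""
    xs = [x for x, _ in shares]
    return sum(y * _lagrange_at_zero(xs, i) for i, (_, y) in enumerate(shares)) % P


def reshare(old_shares, t_old, t_new, n_new):
    """Turn a t_old-of-n_old sharing into a t_new-of-n_new sharing of the same
    secret. No party ever holds the secret: each of the t_old participating
    holders sub-shares only its own share, and each new holder sums the
    sub-shares it receives, weighted by the participants' Lagrange coefficients.
    """
    participants = old_shares[:t_old]
    xs = [x for x, _ in participants]
    weights = [_lagrange_at_zero(xs, i) for i in range(len(participants))]
    # sub[i][j] is participant i's sub-share destined for new holder x = j + 1
    sub = [split(y, t_new, n_new) for _, y in participants]
    new_shares = []
    for j in range(n_new):
        y_new = sum(w * sub[i][j][1] for i, w in enumerate(weights)) % P
        new_shares.append((j + 1, y_new))
    return new_shares


def demo(secret=None):
    """Walk-through of the page's scenario: 3-of-4 -> 3-of-5, key unchanged."""
    if secret is None:
        secret = secrets.randbelow(P)          # constructed sample key scalar
    old = split(secret, 3, 4)                  # original 3-of-4 sharing
    new = reshare(old, 3, 3, 5)                # after a new hire: 3-of-5
    return {
        "old_any3": reconstruct(old[1:]),                        # old shares 2,3,4
        "new_any3": reconstruct([new[0], new[2], new[4]]),       # new shares 1,3,5
        "new_below_threshold": reconstruct(new[:2]) == secret,   # 2 < 3 fails
        # a departed holder's old share cannot be combined with current shares
        "mixed_old_new": reconstruct([old[1], old[2], new[0]]) == secret,
    }


if __name__ == "__main__":
    print(demo())
```

Two points worth noting from the code: `reshare` never calls `reconstruct`, which is the property the page relies on when it says the key is never held in one place; and old and new shares lie on different polynomials, so a leaver's old share is useless alongside current ones. A full set of old shares would still reconstruct the same secret, however, so the old shares must actually be destroyed for revocation to mean anything.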
5. MPC Allows for the Lowest Transaction Fees
Multi-Sig-based wallets, whether Bitcoin P2SH Multi-Sig or Ethereum smart-contract-based Multi-Sig, incur higher fees than regular single-account transactions.
MPC-based wallets, however, appear on the blockchain as a single ordinary wallet address, with the signature computed off-chain. They therefore pay the lowest transaction fees possible.
This is essential when handling hundreds of transactions per day, particularly in B2C applications.
6. MPC-Based Solutions Allow Hidden Signatures as well as Off-Chain Accountability
Accountability is perhaps the most misunderstood aspect of an MPC-based solution.
Although on-chain transparency about who signed may sound desirable for a business, it actually introduces several privacy issues. More importantly, it also creates a security issue, since it immediately exposes the signing scheme and workflow to everyone.
Institutions may not want to disclose who is able to sign, how many users are enrolled, how many signatures are required, and other confidential information, since doing so creates a physical attack surface against the organization.
MPC, however, offers off-chain accountability: each co-signing component can verify which key shares took part in a signing, without that information being visible to anyone outside. For instance, some providers keep an audit log of the shares participating in each signing round, and customers who wish to can maintain their own audit log as well.
In addition, because of fee and mutability constraints, enterprise wallet providers that use on-chain Multi-Sig can only use an asymmetric two-signature scheme for their hot wallets, regardless of their customers’ organizational structure or policies (see #4 and #5).
Most of the shares sit with the wallet provider, while one share belongs to the customer and one is kept as a backup. Because the customer’s share is distributed across all of the customer’s users, when a transaction is signed there is no cryptographic way to determine which users used that share. Any claim of “accountability” is therefore unreliable.
MPC-based solutions eliminate these flaws and make it possible to create a complete and reliable record that provides true accountability.
7. MPC Technology Reinforces Hardware Isolation
Hardware isolation (HSMs and secure enclaves) is an important means of protecting cryptographic material when a system is compromised. On their own, however, HSMs are not enough to provide the most secure way of protecting your private keys.
Likewise, MPC alone is only one part of the solution.
This has given rise to the misconception that MPC and HSMs are substitutes for one another.
Instead, applying MPC in combination with hardware isolation devices such as HSMs is critical, since HSMs on their own are not bulletproof (see this analysis of HSM technology).
Additionally, HSM-based implementations suffer from the fact that if an authentication token and the HSM client are compromised, an attacker can empty the wallet. In practice, compromising the client’s credentials or the transaction-generation logic is all it takes, and neither of those elements is stored inside the HSM.
We combine MPC and HSM technologies to significantly increase the security of the system and create a genuine defense-in-depth architecture.
In this design, all of the MPC key material is stored and distributed across hardware-isolated Intel SGX-enabled servers (Intel’s secure enclave) and mobile-device secure enclaves (TEEs). The MPC algorithm and the policy engine also execute inside the secure enclave, preventing malicious insiders and external actors from tampering with the execution of either.
Conclusion
Institutions recognize that to remain competitive there can be no compromise between security and accessibility. MPC technology allows businesses to capitalize on market opportunities and deploy digital assets securely in ways that simply were not feasible before.