Multi-party computation (MPC) and Shamir’s Secret Sharing (SSS) are two cryptographic techniques that can be used to bolster the security of digital assets. They are designed to allow cryptocurrency users to share ownership of funds without having to worry that one individual will use them without agreement from the rest of the group.
Although their main objective is similar, MPC and SSS work in very different ways. In this AAG Academy guide, we’ll explain MPC and SSS in more detail, and cover their advantages and disadvantages. We’ll also look at how MPC transactions compare to multi-signature (multi-sig) transactions, and answer some frequently asked questions.
MPC stands for multi-party computation, a cryptographic protocol that allows multiple individuals to collectively perform computations on their own private data without revealing their inputs to one another. Although it is considered a relatively new technology, MPC actually dates back to the 1980s, when Andrew C. Yao, a Chinese computer programmer, first developed it.
A common example of MPC is Yao’s ‘Millionaires’ Problem,’ in which multiple millionaires want to find out who is the richest without revealing their actual wealth to one another. A solution to this problem could be to disclose their wealth to a trusted friend, who would then determine who is richest while keeping the actual figures a secret. MPC essentially replaces that trusted friend.
Today, MPC is used for a wide range of purposes, such as electronic voting, digital auctions, and data mining. In recent years, it has also made its way into cryptocurrency wallets, allowing multiple parties to access and control funds without having to worry that one party could gain control over them and use them as they wish.
Most standard cryptocurrency wallets use private keys to prove ownership of digital assets. Whoever has access to the private key can use the assets as they wish, which means that sharing a standard wallet among multiple users is incredibly risky. MPC solves this problem by ensuring that a single user cannot gain full control, or access other users’ private keys.
How does MPC work?
When using a cryptocurrency wallet with MPC, no user gets a complete private key that would allow them to use the wallet’s funds however they wish. Instead, the private key is broken up into multiple pieces and then divided among the wallet’s multiple users. This ensures that all users must come together and give consent for any kind of transaction to take place.
Each member of the party computes their own piece of the private key to produce a signature without revealing it to the rest of the group. This ensures that another individual could not collect each piece and then combine them to produce a complete private key. It also prevents a potential hacker from using the wallet’s funds, even if they obtain an individual’s device.
There are two key properties of an MPC protocol, which are:
Accuracy: Every output produced by an MPC protocol is correct.
Privacy: Information held by individuals cannot be leaked to other parties or inferred from the execution of the protocol.
It’s also worth noting that there are multiple types of MPC, and not all are created equal. One of the most common, particularly within the cryptocurrency industry, is Gennaro and Goldfeder’s MPC algorithm (MPC-GG18). Despite it being considered an industry standard, however, MPC-GG18 is slower and less efficient than some more modern solutions.
One of the reasons for this is that Gennaro and Goldfeder’s algorithm requires transactions to undergo nine signature rounds. The Lindell et al. algorithm reduces that number to eight, while the Doerner et al. algorithm requires only six. MPC-CMP, one of the newest solutions created by Fireblocks, is seen as the most innovative and most advanced.
MPC-CMP allows transactions to be signed in just one round, making it by far the fastest MPC protocol. It also supports both cold and hot storage wallets, and they can be combined.
MPC vs. multi-sig
Another common solution for securely sharing access to digital assets is to use a multi-signature (multi-sig) wallet. However, multisig wallets work very differently from MPC wallets, particularly when it comes to signatures. While an MPC wallet breaks up a single private key and divides it among participants, a multi-sig wallet relies on multiple keys.
In other words, each participant holds their own distinct private key in their own wallet. They then come together to sign a transaction, which typically requires a certain number of signatures before it can be processed. One of the big advantages of this approach is accountability; it’s possible to see which individuals signed a transaction, which can be incredibly important.
With an MPC wallet, on the other hand, all signatures look identical from the outside. It is impossible to distinguish which users, or which parts of the private key, were used to sign a transaction. This means that if an unapproved or invalid transaction is processed, there is no way to hold the individuals responsible for it to account.
In addition, multisig wallets have been in use for a lot longer than MPC wallets, and are therefore seen as more trustworthy. However, multisig wallets also have some disadvantages when compared with MPC wallets. For instance, MPC wallets are typically more flexible, allowing participants to be added and removed as necessary, which can make them more ideal for growing organizations. Their keys are also recoverable in case they are lost.
What is Shamir’s Secret Sharing (SSS)
Shamir’s Secret Sharing (SSS) is another protocol that allows pieces of a ‘secret,’ such as a private key, to be distributed among a group of individuals. Like MPC, this ensures that no individual has complete control over a wallet’s funds; they must all (or at least a certain number of them) come together to sign a transaction before it can be processed.
The key difference between SSS and MPC is that while the individuals in an MPC protocol process their own pieces of information, those using the SSS protocol must submit their pieces of a private key to be reassembled on a single device. This presents a point of failure that MPC does not have, making SSS much less secure in comparison.
You might consider SSS to be just as secure as MPC until a transaction takes place. Each piece of its private key is held on a different device. However, once the pieces of an SSS private key are submitted to a single device, there is now an opportunity for attackers to infiltrate that device, obtain each piece of the key, and then reassemble it.
MPC wallets: Advantages and disadvantages
As we’ve touched on throughout this guide, there are a number of pros and cons to MPC, which are important to note. Some of the biggest advantages of an MPC protocol are:
Flexibility: Wallet users can be added and removed as necessary. If an individual joins or leaves an organization, there is no need to create a new wallet.
Blockchain support: Multi-sig solutions typically support only one blockchain; there is one protocol for Bitcoin and another for Ethereum. The MPC protocol does not have this problem — an MPC wallet allows users to manage multiple assets on a single platform.
Lower gas fees:Blockchains typically charge fees based on the number of on-chain operations that are required to process a transaction. The more signatures involved, the greater the cost. MPC wallets use only one signature, so they are usually cheaper.
Some of the biggest disadvantages of an MPC protocol are:
Immature: MPC protocols aren’t as mature or as established as solutions like multi-sig within the cryptocurrency industry, so there are still some questions over their reliability and stability. Some are also limited in their functionality.
Complex: MPC protocols are much more complex than multi-sig, and they require greater computational power.
MPC allows a group of people to manage an organization’s digital assets. Each holds a piece of the private key required to execute a transaction, so it is not possible for one user to spend the group’s funds without consent from others.
Multisig wallets are cryptocurrency wallets that support multi-signature transactions. Multi-sig is an alternative to MPC that uses multiple private keys for transaction authorization, rather than a single private key that is divided up and shared among a group.
Was this article helpful?
Have a Question? Join our active Discord
Share this article:
About the author
Senior content writer
Senior copywriter for AAG Marketing team with the focus of educating our community on all things web3, blockchain and Metaverse.
This article is intended to provide generalized information designed to educate a broad segment of the public; it does not give personalized investment, legal, or other business and professional advice. Before taking any action, you should always consult with your own financial, legal, tax, investment, or other professional for advice on matters that affect you and/or your business.