What if I told you that a chatbot is a technology? Well, I won’t say that, because it’s not true.
Artificial Intelligence (AI) is a technology, and a ‘chatbot’ is one of its applications, built using Natural Language Processing (NLP), which is a subdomain of AI. Here, AI is the technology and the chatbot is an application of that technology.
The same goes for Multi-party computation (MPC) and key management in the blockchain. Here, ‘MPC’ is the technology, and ‘key management in blockchain’ is one of its applications.
In digital assets, in order to make any transaction happen, we need two keys: a public key and a private key. The private key is private to every wallet, and the public key is visible to everyone; it is your digital address for receiving and transferring digital assets. The private key should never be known to anyone else, otherwise your assets can be stolen! How do we protect our private key? Here comes Multi-party computation (MPC): it’s one of the most powerful tools for protecting and managing private keys.
Let us learn what MPC is, what MPC is not, and why MPC is such a popular technology for key management in blockchains.
Multi-party computation (MPC):
Multi-party computation (MPC, also known as secure computation, secure MPC, or privacy-preserving computation) is a subfield of cryptography that enables multiple parties to jointly compute a function without revealing the inputs.
The inputs provided to a function are always private.
Let’s understand it with an example.
Consider three employees working in a company who want to know the highest salary among them. But they neither want to ask the others nor reveal their own salary. The solution is in the illustration below!
In MPC, a set of parties that do not trust each other try to jointly compute a function over their inputs while keeping those inputs private. The two basic properties that a multi-party computation protocol must ensure are Privacy and Correctness. See figure 1 for an example.
The usage of MPC in key management in the blockchain is more specific. To understand it we first need to introduce TSS.
Threshold Signature Scheme (TSS):
TSS belongs to Threshold Cryptography (TC), which is a subfield of MPC in which cryptographic operations are redefined with a threshold assumption in mind: it is assumed that at least a threshold of the parties involved in the computation are acting honestly and are not all controlled by an attacker at the same time. So we can say that the Threshold Signature Scheme (TSS) is a special type of MPC!
Let’s get the basics of TSS:
Consider n: the total number of parties among whom the key is distributed.
‘Threshold’: t, the number of parties that must take part in running a cryptographic operation.
‘Signature scheme’: a cryptographic primitive that enables all the co-signers to make a public statement attached to a public key.
This is it. TSS offers highly efficient distributed private key and signature generation. To learn more about it, check here.
A custody solution provides an easy-to-integrate and user-friendly environment. Currently, the market has centralized custody solutions for managing finances, from banks to brokers to investment firms. A custody solution is a system that offers secure storage of users’ secrets, abstracting away the cryptography and technical complexity of the underlying secret-key systems, while providing traditional authentication and authorization interfaces such as email, password, or phone.
When money is at stake, cryptography plays a critical role in securing systems. One of the most exciting instances of this is in the blockchain space, where digital signatures control the allocation of funds. In that particular case, cryptography indirectly protects money.
A custody solution in the case of digital assets and cryptocurrencies is a complex system. The cryptography is used to generate keys and sign messages, which is common to other applications using digital signatures.
Here is a short list of the benefits of TSS in the custody of digital assets and cryptocurrencies:
- No complete key ever exists in a system.
- All the records of digital assets transactions are available.
- Without changing the private key, the set of key shares, each of which is just a numerical value, can be changed (refreshed) at any time.
- MPC technology offers sustained secure operations, even with corrupted parties.
- It is adaptable and offers operational flexibility by supporting any access structure.
These benefits are described in detail in a previous write-up!
Here is an important point we want to make: custody solutions may differ in the target user profile, setting and so on. This is all happening at the application layer. However, the MPC technology is always the same.
Key Management in blockchain
Blockchain uses public-key cryptography, i.e. a pair of a public key and a private key is available to every owner. The ‘public key’ is like your social media handle, visible to everyone, while the ‘private key’ must be known only to the owner. Using your private key, you (and only you), as owner, can sign the transactions you issue. This is your ‘digital signature’. Anyone who knows the public key can verify that the message was created by the owner of the private key.
This signing mechanism is used to transfer assets and to provide proof of identity and asset holdings.
Key management is extremely important because if your private key is accessible to others, your account can be manipulated. It is also important to note that transactions in a blockchain are immutable.
The use of Hardware Security Modules (HSMs, also known as cold wallets) is prevalent: you store your private key in the hardware. HSMs have several advantages but many limitations too: the device can be damaged, access and transfer are slow, the HSM’s PIN can be stolen, etc.
So, we need a better way to store our digital assets. MPC is here to help!
More specifically, by using a Threshold Signature Scheme (TSS), we can compute digital signatures in a distributed way, while keeping redundancy.
Private keys are split into pieces and distributed across several servers such that no server has full access to the private key. The major advantage is that the private key is only ever used in a distributed manner.
When a transaction signature is required, the ‘n’ servers coordinate, running a distributed signature generation between the multiple parties. This is an MPC protocol to sign the transaction.
Here, the entire process is digital and needs no HSMs, and the best part is that no server can ever get access to the full private key; even if an attacker manages to compromise one or two servers, they cannot obtain enough information to reconstruct the entire private key. This keeps your digital assets safe.
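As an added example (not ZenGo’s code or any production protocol), here is a toy t-of-n threshold Schnorr signature over secp256k1 in plain Python: distributed key generation in which no party ever holds the full key, signing by any t of the n servers, and the share refresh listed among the benefits above. The curve constants are public; the message and all random values are constructed locally.

```python
import hashlib, secrets
from functools import reduce
# secp256k1 parameters (public constants); affine point arithmetic is enough for a demo
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
def add(A, B):  # point addition; None is the point at infinity
    if A is None: return B
    if B is None: return A
    if A[0] == B[0] and (A[1] + B[1]) % P == 0: return None
    if A == B: l = 3 * A[0] * A[0] * pow(2 * A[1], -1, P) % P
    else:      l = (B[1] - A[1]) * pow(B[0] - A[0], -1, P) % P
    x = (l * l - A[0] - B[0]) % P
    return (x, (l * (A[0] - x) - A[1]) % P)
def mul(k, Q=G):  # scalar multiplication by double-and-add
    R = None
    while k:
        if k & 1: R = add(R, Q)
        Q, k = add(Q, Q), k >> 1
    return R
def poly_eval(coeffs, x):
    return sum(a * pow(x, i, N) for i, a in enumerate(coeffs)) % N
def dkg(n, t):
    # each party deals its own random degree-(t-1) polynomial; the key sum(f_i(0)) is never formed
    polys = [[secrets.randbelow(N) for _ in range(t)] for _ in range(n)]
    shares = [sum(poly_eval(c, j) for c in polys) % N for j in range(1, n + 1)]
    pub = reduce(add, (mul(c[0]) for c in polys))  # parties publish g^a0; product is the pubkey
    return shares, pub
def refresh(shares, t):
    # proactive refresh: parties deal shares of zero, so shares change but the key does not
    polys = [[0] + [secrets.randbelow(N) for _ in range(t - 1)] for _ in shares]
    return [(s + sum(poly_eval(c, j) for c in polys)) % N for j, s in enumerate(shares, 1)]
def lagrange(i, signers):  # coefficient that turns share i into an additive share of f(0)
    num = den = 1
    for j in signers:
        if j != i: num, den = num * -j % N, den * (i - j) % N
    return num * pow(den, -1, N) % N
def challenge(R, pub, msg):
    return int.from_bytes(hashlib.sha256(repr((R, pub, msg)).encode()).digest(), 'big') % N
def threshold_sign(msg, shares, signers, pub):
    # t signers (1-based indices) each add a nonce commitment and a partial s; shares stay local
    nonces = {i: secrets.randbelow(N) for i in signers}
    R = reduce(add, (mul(nonces[i]) for i in signers))
    e = challenge(R, pub, msg)
    s = sum(nonces[i] + e * lagrange(i, signers) * shares[i - 1] for i in signers) % N
    return R, s
def verify(msg, pub, sig):
    R, s = sig
    return mul(s) == add(R, mul(challenge(R, pub, msg), pub))
```

With `shares, pub = dkg(3, 2)`, any two servers can sign a message that verifies under `pub`, a single server cannot, and after `refresh(shares, 2)` the new shares still sign for the same `pub` while an old share mixed with new ones no longer does.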
Some misconceptions related to MPC and Key management in blockchain:
With the humongous amount of data out on the internet, everyone has got the chance to voice their ideas and thoughts.
It’s a great thing, but it also gives rise to various misconceptions. Let’s burst the misconception bubble!
- There’s a weakness in blockchain technology, mainly MPC.
→ If existing custody solutions are claimed not to provide sufficient security when using this technology, it does not mean that MPC is flawed, but that it might not be a good fit for a specific application. After all, MPC is a technology; it’s a tool. A hammer can’t do the work of a needle and vice versa, but that doesn’t mean the ‘hammer’ or the ‘needle’ is flawed. It’s just that the use cases are different.
- The critical vulnerabilities can severely hamper the adoption of digital assets by financial institutions and banks in the U.S. and around the world.
→ This threat is false. Custody solutions that use TSS are tailored to the specific customers that use them. As we mentioned before, the TSS part is only one part of the system, which can be replaced or adapted to different settings. If a financial institution does raise concerns about its setup, there are plenty of options to choose from, most likely including TSS, that can cater to its specific needs.
- MPC security is based on dividing each private key into shards and only by piecing all of them together is the key then revealed.
→ Secure MPC is also when 10 people want to compute the average of their salaries without revealing any single salary. There is no need for a single key to be divided or reconstructed. In TSS the key is never revealed, and it is never divided in the first place.
- MPCs are typically programmed in a way that once the majority of PCs in the MPC network (usually 2 out of 3, or 3 out of 4) provide their shard of the key, the request to execute the transaction is authorized.
→ This is inaccurate. MPC allows for any threshold of any number of parties. A more complex access structure (imagine a circuit of ORs and ANDs, but over parties) is also possible. Also, MPC can run on any device, not just PCs.
- Hackers, … simply need to hack into one or two additional PCs to complete their takeover of the valuable keys.
→ A custody solution with proactive security will not fall victim to the attacker described in the article, and this is certainly not a vulnerability in MPC. It is true that some custody applications may choose not to implement this option; if this attack vector (a persistent attacker) is relevant to the consumers of such an application, they should consider whether they are using the appropriate solution. But again, nothing here should be blamed on the technology, which just does what it should.
As we are heading towards digital currencies, it’s important to know the different terms associated with them. Today, we have discussed Multi-party computation (MPC), Threshold Signature Scheme (TSS), and Key management.
At ZenGo, we are building the world’s first keyless wallet, based on Multi-party computation (MPC) technology. The ‘key’ is the essence of the existence of digital assets: if it is lost, the entire asset is lost. We are building a wallet that is user-friendly and helps everyone handle their own digital assets without worrying about managing keys.
We are here to cater to key management in blockchain technology.
All thanks to TSS, which belongs to MPC technology!