Diving Into sMPC in the Context of DeFi: Podcast Key Takeaways

Aleksander Bączkowski
Aleph Zero Foundation
Dec 14, 2023

The ninth episode of the Aleph Zero Podcast is an exploration of sMPC through a DeFi lens, as Damian Straszak guides us through the privacy-preserving properties of this cryptographic technique.

TL;DL

Too Long; Didn’t Listen:

  • ZKPs are one of the technologies that Liminal uses to achieve privacy.
  • One can argue that ZKPs by themselves are not sufficient to make “everything” private. In fact, in most cases, they can merely guarantee “anonymity.”
  • Technically, to go beyond what ZKPs offer, one must be able to create “global secrets,” i.e., secrets that no single user knows. This is impossible to do using ZKPs because they require at least one user (the prover) to know the “secret.”
  • There are essentially two categories of technology that can solve the “global secret” problem:
      • hardware-based: TEEs (trusted execution environments)
      • software-based: sMPC
  • As a technology, sMPC is strictly more powerful than ZKPs. However, it also has downsides:
      • Even though it is well-researched in theory, it’s fairly new when it comes to practical deployments.
      • Because sMPC involves a committee of nodes and several rounds of communication, it results in latency.
  • sMPC is, however, being actively worked on, and there is a lot of progress regarding its practical efficiency, including using Threshold (Fully) Homomorphic Encryption (THE, or TFHE) to perform MPC.
  • The internal architecture of Liminal is designed in the following way:
      • Most computations are based on ZKPs for their (relative) efficiency compared to sMPC.
      • Only the parts of the system that crucially require it use sMPC.
      • This hybrid approach allows us to make the system as efficient as possible while, at the same time, using the powerful capabilities of sMPC.

What is sMPC?

Secure multi-party computation (sMPC) is a cryptographic solution used to preserve user privacy. It is one of two techniques the Aleph Zero Foundation uses to achieve this goal, the other one being zero-knowledge proofs (ZKPs). These two solutions complement each other quite effectively. At the same time, sMPC allows us to create a global private state. This feature is essential for DeFi and other use cases requiring greater privacy, for example, running DAOs or introducing private voting.

Using both of these solutions is necessary, according to Damian Straszak, as ZKPs alone are insufficient to make “everything” private. In fact, in most cases, they can merely guarantee “anonymity” (i.e., hide the user’s identity) but do not allow hiding what actions are being performed by the users (the details of the transaction). This is because, with ZKPs, one party must know the secret, thus preventing the creation of a global private state where a piece of information is hidden from every system participant.

Two technologies can be used to solve the global secret challenge:

  • TEEs
  • sMPC

The former uses a special chip inside a device that serves as a secure enclave, or trusted execution environment. This chip stores state secrets and performs computations on them without divulging this information to third parties, including the device’s owner. This technology is used, for example, by Apple in the production of iPhones. As Damian Straszak mentioned, one challenge this solution faces is the need for trust in the chip manufacturer and the potential for vendor lock-in.

To avoid this, Aleph Zero has opted for a software-based solution where multiple nodes communicate with each other through a distributed protocol. These nodes each hold a portion of a secret and, through Shamir’s Secret Sharing, conduct calculations without revealing the secret.

Challenges Facing sMPC

Damian Straszak stressed that because sMPC requires several nodes to communicate, it introduces a fair degree of latency, which makes this solution slower than ZKPs and makes computations considerably more expensive. That is why Aleph Zero uses sMPC only for those computations that require dealing with multiple parties.

This article was first published on the Aleph Zero Blog on August 25th, 2023.
