MPC Wallet: Secures Asset Management on REI Network

REI Network
REI Network Project
Jul 4, 2023

Over the past 10 years, the management of crypto assets and the use of wallets have remained stuck in the primitive era in which Bitcoin was born. The MPC (Multi-Party Computation) wallet, however, offers a new approach to secure on-chain asset management. REI Network will also actively explore combining MPC wallets with network development.

So what is an MPC (Multi-Party Computation) wallet? How will REI Network combine MPC wallets with network development?

Before explaining what the MPC wallet is, let’s briefly introduce the existing software wallets. No matter what kind of software wallet is used, users need to keep and properly back up their private keys and mnemonic phrases. Some early wallets even let users back up the Keystore file, a JSON file that stores the private key in encrypted form and requires the password set in the wallet software to decrypt it.

The private key, mnemonic phrase, and wallet password.

The technical principles and differences between the three may still be incomprehensible to a large number of users today, and it would seem too primitive and crude to introduce them directly to users.

Current software wallets are based on the public-private key system and asymmetric encryption. The private key is the key to everything: whoever controls the private key also controls the assets.

When users interact with the wallet directly, the experience has already gone through a round of optimization: the public key is transcoded into the “wallet address” that the user sees, while the private key is actually a 64-character hexadecimal string, which is awkward to record. So as early as 2013, the Bitcoin community adopted the BIP39 protocol, which uses an algorithm to convert the private key into a string of 12 to 24 easy-to-remember words: the “mnemonic phrase” we often see today.

For example, REI Network is an EVM-compatible chain. Users can use the Metamask wallet to log in to on-chain applications and to receive and send $REI assets. Here you can see how to use REI Network through the Metamask wallet: https://www.youtube.com/watch?v=fWzVta-mtQE

However, if the user’s private key is lost or hacked, the assets in the wallet will be lost. Recording the private key and logging in to a wallet also confuse some users who are accustomed to off-chain transactions, seriously dampening the community’s enthusiasm for participating in network governance. According to statistics, the assets lost to private key leakage can reach hundreds of millions of dollars every year, with victims ranging from professional market makers in the industry, represented by Wintermute, to, closer to home, ARB airdrop addresses whose private keys were hacked.

MPC (Multi-Party Computation) wallets can solve this problem to a certain extent. Multi-Party Computation (MPC) is a cryptographic technique that allows multiple parties to jointly compute a function without revealing their respective inputs, ensuring data privacy and secure collaboration.

How does the MPC wallet realize the safe storage of assets?

In the context of cryptocurrency wallets, MPC technology is used to protect the wallet’s private key, dividing it into multiple shares or secrets. Each share is held by a separate party, and the full private key is never exposed or reconstructed at any point during the signing process. Instead, parties collectively perform the cryptographic operations required to sign transactions while maintaining the privacy of their respective shares.

When you create a traditional wallet, you actually get a matching pair of public and private keys. The public key is converted into your wallet address, which can be disclosed to others, while the private key stays in your own hands and must not be shared with anyone.

Next, you initiate a transaction in your wallet. In fact, you use your own private key to sign and issue the transaction, which means “I agree to this transaction”. Others can easily verify from the signature that you indeed issued it, because they can get your public key (address), so after a series of verifications the transaction is determined to be valid.

If I get your private key, then I can also sign transactions with it and thereby transfer the assets in your address.

The problem here is that traditional wallets use a one-party signature model, which relies heavily on the security of the private key. The system recognizes only the private key itself and cannot tell whether the party using it is the real owner or a thief.

For MPC wallets, the situation is slightly different.

First, MPC wallets are jointly created by multiple parties. Suppose parties A, B, and C jointly create a wallet address. Under the multi-party computation key generation protocol, no single private key is generated at this point; instead, each of the three parties gets a key fragment (keyshare).

Note that none of the three parties holds a complete private key; each holds a different key fragment. No fragment can control the assets in the wallet address on its own, but every fragment corresponds to the same wallet address.

When a transaction is initiated, secure multi-party computation and multi-party signing work together. Party A, Party B and Party C each use their own key fragment to sign the transaction, producing what can loosely be understood as three signature fragments.

Similar to multi-sig wallets, you can also set a signature threshold, for example, 3 people must all sign to initiate a transaction.

At this point, Multi-Party Computation (MPC) aggregates the three signature fragments, without exposing any key fragment, into a complete multi-party signature. Others can easily verify that the complete multi-party signature corresponds to the wallet address and so determine that the transaction is valid.

How does the MPC wallet combine with REI Network?

At present, there are few mature and available MPC wallets for the general public on the market, but REI Network will still actively explore the combination of MPC wallets and network applications.

First of all, REI Network will cooperate with excellent MPC wallets in the industry so that they can access REI Network and its ecosystem. REI Foundation will continue to follow the development of MPC wallets and will give grants to technical innovations from the community that combine MPC wallets with REI Network.

In which ways will the MPC wallet improve the network environment of REI Network?

Enhanced security: By splitting the private key into multiple shares, the MPC wallet reduces the risk of a single point of failure: even if an attacker acquires one share, they cannot compromise the wallet without acquiring the other shares. This ensures that REI users do not have to worry about asset losses due to loss of private keys when using wallets.

Improved privacy: Since the parties involved in the MPC process do not reveal their personal inputs, the privacy of each participant’s share is maintained throughout the process.

Resistance to key leaks: In traditional wallet setups, private keys must be reconstructed to sign transactions, increasing the risk of key leaks. In the MPC wallet, the private key is never fully reconstructed, reducing the possibility of key leakage.

Collaborative control: The MPC wallet enables multiple parties to jointly manage a wallet and promote collaborative control and decision-making, which will benefit the development of community committee members of REI Network.

Key recovery: In some implementations of MPC wallets, key shares can be distributed among trusted parties to enable key recovery should a user lose access to their wallet.


REI Network is a lightweight, EVM-compatible, high-performance, and gas-free public chain.