Multi-Party Computation (MPC) Signatures Explained

Kate Kharitonova
Published in MyNearWallet Blog
Oct 5, 2022
An explainer for an upcoming MyNearWallet update

To enhance security and privacy, MyNearWallet is about to launch Multi-Party Computation signatures, as Coinbase, Revolut (the largest neobank in Europe), and other crypto and Web2 financial giants have already done.

This security method is becoming a standard for processing Web3 transactions and is known for its self-custody, recoverability, and interoperability. It’s also called a window into Web3 for Web2 users, as it doesn’t require a seed phrase, which makes interactions easier for crypto newbies.

Let’s find out what MPC is, why it is so popular, and how it works.

What was MPC initially?

In the 1970s, when MPC research had just started, it was a technology focused primarily on concealing information via cryptography. Today, MPC has evolved into an algorithm oriented toward concealing partial information while computing with data from multiple sources. In other words, it allows numerous parties to perform math operations without their private data being disclosed. Cryptography makes those operations highly accurate. That’s why MPC is a good solution for transferring and storing digital assets. Let’s see how it could work with an example.

MPC would allow employees to compare their salaries without revealing them to each other

Imagine three people who would like to compare their annual revenue without disclosing the exact numbers to each other. Usually, they would go to a mutual friend whom they trust with the secret and ask them to compare the data and announce a result. MPC would be such a friend: its algorithms would present the result without revealing the sensitive data that belongs to the parties.

How does the MPC security method work?

MPC splits the Full access key into numerous parts and stores them in different places, for example, on the company server, on the employee’s computer, and on the client’s mobile device. This means the private key exists in a “liquid form”. There is no single point of failure: to sign a transaction, a scammer would have to hack a number of different environments simultaneously. All the operations are under users’ control.

In MPC security method, a private key that is used to confirm transactions is split into different parts

MPC is based on Threshold Signature Scheme (TSS) cryptography, which presumes that a threshold of the parties taking part in an operation cannot be controlled by a hacker at the same time and that they act honestly.
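
An added illustration, not MyNearWallet's code or protocol: two parties each hold one share of a Schnorr signing key and jointly produce a signature that verifies under a single public key, without the full private key ever being assembled. Assumptions: a toy group (P, Q, G), the hypothetical names Party, joint_sign and verify, all parties required to sign (n-of-n rather than a general threshold), and none of the extra rounds a production TSS adds, such as nonce commitments and proofs of share possession.

```python
import hashlib
import secrets

# Toy Schnorr group, constructed for this example and far too small for real use:
# P = 2*Q + 1 with P and Q prime; G generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4

def challenge(R, X, msg):
    """Hash the joint nonce, joint public key and message to a nonzero scalar."""
    digest = hashlib.sha256(f"{R}|{X}|".encode() + msg).digest()
    return int.from_bytes(digest, "big") % (Q - 1) + 1

class Party:
    """One share holder (hypothetical stand-in for a user device or a server)."""
    def __init__(self):
        self.x = secrets.randbelow(Q - 1) + 1  # secret key share, stays with this party
        self.X = pow(G, self.x, P)             # public share, safe to publish

    def nonce(self):
        self.k = secrets.randbelow(Q - 1) + 1  # fresh secret nonce for one signature
        return pow(G, self.k, P)

    def partial_sign(self, e):
        s = (self.k + e * self.x) % Q
        del self.k                             # a reused nonce would leak the share
        return s

def joint_sign(parties, msg):
    """Every party contributes; only public values and partial s are exchanged."""
    X = R = 1
    for p in parties:
        X = X * p.X % P                        # joint public key = product of shares
        R = R * p.nonce() % P                  # joint nonce commitment
    e = challenge(R, X, msg)
    s = sum(p.partial_sign(e) for p in parties) % Q
    return X, (R, s)

def verify(X, msg, sig):
    """Ordinary Schnorr check: the verifier cannot tell the key was split."""
    R, s = sig
    return pow(G, s, P) == R * pow(X, challenge(R, X, msg), P) % P

if __name__ == "__main__":
    device, server = Party(), Party()          # two parties, as in a 2-party setup
    X, sig = joint_sign([device, server], b"constructed sample transaction")
    print("joint signature valid:", verify(X, b"constructed sample transaction", sig))
```

A holder of only one share can compute its partial value, but that value alone never satisfies the check against the joint public key.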

How do wallets benefit from MPC?

Apart from the high accuracy and privacy due to at-rest and in-transit data encryption, MPC offers the following advantages:

  • It’s an off-chain technology, which makes it compatible with numerous blockchains and independent of the network load. It’s a faster and more reliable solution than a multisig security method.
  • Easier and more convenient recovery methods (like passwords or 2FA), as MPC does not use seed phrases. This will allow us to onboard more people to the wallet and to Web3 in general.
  • No need for cold storage: users can hold all the assets online.

How will it work on MyNearWallet?

MyNearWallet’s MPC will be used with 2-Step Verification via Google Authenticator. Two parties will participate in transaction confirmation: a user’s device (or a browser) and a secure MyNearWallet server. Artem Lapko, MyNearWallet Software Engineer, explains how it’s going to work:

To begin with, a user will initially get a seed phrase to enter the wallet for the first time. The user won’t need to enter it again except for account recovery. The whole verification process will be free and invisible; users will only need to confirm operations with the Google Authenticator code.

From a technical point of view, when a user enables MyNearWallet 2-Step Verification, a random key pair (a public key and a private key, learn more about NEAR keys here) is generated in their browser for free. The public key from this key pair is exchanged with the MyNearWallet server. The server, in turn, generates a special signature to confirm a transaction on its part. Then a Google Authenticator code is needed for an operation to proceed.

That way, user privacy is guaranteed, as the private seed phrase key is not stored in the browser. A stolen key pair will not be enough to process transactions; a Google Authenticator code is needed.

In the future, the MyNearWallet team will also add more confirmation methods like email, a Telegram bot, and the MNW mobile app. Learn more about security methods in the MyNearWallet Medium blog.

If you have any questions left — let us know!
Discord
Telegram
