MPC Wallets Have a Trade Off. Is It Worth It?
Wallet security experts spoke to Blockworks about the convenience and security of MPC wallet solutions
boonchoke/Shutterstock modified by Blockworks
As blockchain technology continues to evolve, the security of digital assets remains a top concern. For years, private keys have been the backbone of wallet security, with the key holder being the only one able to access the contents of the wallet. However, the methods for storing and protecting these keys have undergone significant changes over time.
Initially, users were responsible for securing their raw private keys. These were long and complicated strings of characters that were difficult to remember and easy to mistype or lose.
Next came the era of seed phrases — a series of 12 or 24 random words that allowed users to recover their assets if their chosen wallet front end was disabled, lost or stolen. These were not particularly ideal either, as they remained vulnerable to phishing, brute-forcing, dictionary attacks, and more.
MPC wallets are a more recent attempt to secure people’s crypto. Multi-party computation, or MPC, wallets do away with the traditional concept of user-facing private keys entirely, replacing them with a process that involves breaking up a holder’s key into different pieces, called shards. While this purportedly “seedless” approach is a significant departure from traditional key security, some implementations of MPC wallets may still utilize seed phrases as an additional backup or recovery option for added security.
MPC wallets also allow users to define the required number of shards needed to authorize a wallet’s transactions, whether it’s two, three or more. As a result, advocates of MPC wallets say they provide a more robust and flexible solution for securing digital assets, effectively mitigating risks associated with loss, theft or unauthorized access.
Past solutions have held similarities to MPC wallets, but with a few important distinctions. For instance, multi-signature wallets need several signatures to initiate transactions. Similar to MPC shards, users may distribute these signatures among multiple parties or locations, reducing centralized failure risks. However, they lack the recovery options of MPC wallets and rely mainly on seed phrases and private key possession to maintain their advantage.
Rohan Agarwal is the CEO and co-founder of Cypherock, a hardware MPC solution. He told Blockworks that certain MPC wallets, especially those relying on software or web apps, trade a high level of security for increased ease of use.
Instead, Cypherock allows users to keep all their shards offline using a hardware device, similar in form to cold storage solutions like Ledger and Trezor. Agarwal said, “With most of the software wallets…people are more inclined towards convenience, and that’s why you have hardware wallets and solutions like ours which is a privatized sort of security for keeping most of your assets.”
With Cypherock’s MPC solution, the user’s key is split into five shards. One is the hardware wallet and the other four are NFC-enabled cards. Users can optionally choose a PIN number to add across all shards as an extra layer of security. To send a transaction, a user requires only a single card and the hardware wallet.
Having multiple cards means that even if a user loses three of the five, they can still transact and access their funds with the one remaining card and the hardware wallet, Agarwal told Blockworks. He added that if your hardware wallet becomes inaccessible, any two private key shards can be used to restore the wallet account on a new device.
Agarwal also told Blockworks that Cypherock customers get to decide how to keep their private keys safe. He said that users most concerned with security often split the cards up between different locations — sometimes even in different countries. Others tend to keep one card and the hardware wallet in their home, while keeping the rest of the cards in bank lockers or with trusted individuals like friends and family.
There are also software-based MPC wallet alternatives. ZenGo is one example. Utilizing MPC and threshold signatures, ZenGo divides the user’s private key into two shards: one held by the user and the other by the company on its secure servers. To initiate a transaction, both parties collaborate to generate a valid signature, ensuring that neither can independently access or control the user’s funds.
For account recovery, ZenGo employs a unique biometric-based “face map” created during wallet setup, which serves as an encrypted backup recovery mechanism. Users can regain access to their funds using their face map, which remains inaccessible to ZenGo, helping users to maintain control over their assets.
Trust Wallet, powered by wallet-as-a-service infrastructure provider Web3Auth, is another recent entrant in the MPC wallet space. Its software MPC solution offers users five authentication factors, of which any two are required to access a user’s assets. These factors include a manual backup of the device key shard, login to an online account (Google, Apple, Telegram, Discord), device authentication, SMS one-time passcode, and a recovery email.
Zhen Yu Yong, co-founder and CEO of Web3Auth, stressed that users can pick and choose which authentication method works best for them.
Yong acknowledged that, although SMS is a popular and user-friendly option, it can be vulnerable to attacks like SIM swapping. Hackers have demonstrated this attack vector numerous times, including in the theft of $24 million worth of crypto from investor Michael Terpin in 2017. Despite this, he said that Web3Auth aims to emulate Web2 banking apps by offering SMS and email as common recovery methods.
“[Users] can choose to use SMS OTP or they can choose to use a manual backup or google authenticator, or other alternatives,” Yong said. “SMS OTP definitely still remains as the most friendly user experience.”
Yong explained that “users have always been stuck in the dichotomy of you either go with seed phrases and be self custodial…or you go and purchase a hardware wallet. I think with MPC, it’s kind of like a new account type.”
Agarwal agreed that SMS one-time passcodes are convenient, but added that with SIM-based recovery methods “you are not in control. It’s the telecom provider who is basically authenticating you.”
While MPC wallets offer a number of advantages in terms of flexibility and security, it is crucial to consider the potential drawbacks and challenges associated with their implementation and use. One concern is the possibility of collusion among shard holders, which could lead to unauthorized access of a given wallet’s funds.
Additionally, the complexity of the technology may result in user confusion and errors, especially for those unfamiliar with the concept of key sharding and recovery procedures. It is essential for users to carefully weigh the benefits and drawbacks of using MPC wallets, and to consider their specific needs and preferences when choosing the most appropriate solution for securing their digital assets.
Trust Wallet declined to speak to Blockworks about its new MPC offering until it’s made generally available.
Jeff Albus and John Gilbert contributed reporting.
Don’t miss the next big story – join our free daily newsletter.