What are MPC Wallets and Multi-Sig Wallets? - Coinleaks

What are MPC Wallets and Multi-Sig Wallets?

Both MPC wallets and multi-sig wallets give businesses joint control over cryptocurrencies and other digital assets. The difference is that a multi-signature wallet requires multiple private keys to sign a single transaction, while an MPC wallet splits a single cryptographic key into multiple shares and requires a threshold number of those shares to authorize a transaction.

What are single-signature wallets?

Single-signature wallets have the simplest key management model: a single private key authorizes every transaction on the blockchain, so any entity with access to that key has full control over the stored cryptocurrency.

The private key of a single-signature wallet is therefore a “single point of failure”: if it is compromised, all funds stored in the wallet can be stolen.

Single-signature wallets are mainly used by individuals to hold relatively small amounts of cryptocurrency for active trading and other DeFi products, often alongside a cold wallet that stores the bulk of the investor’s funds offline.

If you lose your private key, there is no way to recover it, and the funds are lost forever. This lack of redundancy makes single-signature wallets a risky choice for storing large amounts of cryptocurrency, as the stories of people who lost hard drives containing Bitcoin or forgot their wallet passwords show.

There is also no way to grant others full or partial access to the funds, since the single private key is the only credential and it gives complete control.

In short, single-signature wallets suit individuals rather than groups, communities, treasuries or companies, where transactions often need approval from multiple stakeholders.

What are Multi-Sig Wallets (multi-signature wallets)?

A multi-signature wallet (multi-sig wallet) is a cryptocurrency wallet that addresses some of the major limitations of single-signature wallets, such as the lack of shared access, and adds security by requiring multiple private keys (held by cosigners) to sign a single transaction. The private keys need not reside on the same device; they can be spread across different devices in different regions.

Although multi-signature technology is not new, its first use in the cryptocurrency space came in 2012, when a Bitcoin transaction introduced a new address type called “pay-to-script-hash (P2SH)”; the first multi-sig wallet was created in 2013.

How do Multi-Sig wallets work?

Consider Company A, which holds BTC in its treasury and wants to send some of it to another entity, say Company B.

With a multi-signature wallet, the company can ensure that the funds are paid out only after a majority of the stakeholders (say, at least 5 out of 7 board members) have signed with their private keys.

This allows Company A to release only approved payments, without any individual having to disclose their private key.

In short, the main purpose of multi-sig wallets is to distribute control of the funds in a single wallet without exposing any private key.

How do multiple private keys sign a single transaction?

Multi-signature wallets use a scheme known as ‘M-of-N’: at least M of the N private keys must sign a transaction before it is broadcast.

The general belief is that the higher the number of signatures required (M) and the total number of keys available (N), the more secure the wallet becomes.

For example, a 3-of-5 multi-signature wallet requires three of the five private keys to sign a transaction before it is executed, a 5-of-7 wallet requires five of the seven, and so on.

The values of M and N are chosen to fit the institution’s requirements when the wallet is created. M-of-N schemes also make recovery from lost private keys straightforward, as long as at least M of the remaining keys are still available to authorize transactions.

General Multi-Sig Wallet transaction flow

The general flow of a multi-signature transaction is as follows:

  • Generate a multi-signature wallet address from the public keys of the authorized signers.
  • Create a transaction proposal with all the necessary details, such as the recipient’s address and the amount to send.
  • Cosigners review the proposal and accept or reject it.
  • Once the required number of signatures has been collected, the transaction is considered authorized.
  • The authorized transaction is then published with all signature data for verification and block confirmation.
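A worked version of the M-of-N authorization step in this flow, as an added example (not code from the original article): the 5-of-7 board wallet from above, showing that repeat approvals by one cosigner do not count towards the threshold and that signatures no longer verify against a proposal altered after signing. A random HMAC key per cosigner stands in for a real signing key pair, and the cosigner names, address and amounts are constructed.

```python
import hashlib
import hmac
import json
import secrets

# Added example: a random HMAC key stands in for each cosigner's private key and
# hmac.compare_digest for signature verification; the M-of-N logic is the point.

def serialize(proposal):
    """Canonical bytes of the proposal; every cosigner signs exactly these."""
    return json.dumps(proposal, sort_keys=True, separators=(",", ":")).encode()

def sign(key, proposal):
    return hmac.new(key, serialize(proposal), hashlib.sha256).digest()

def verify(key, proposal, sig):
    return hmac.compare_digest(sign(key, proposal), sig)

class MultiSigWallet:
    """M-of-N policy: N named cosigners, at least M distinct ones must approve."""
    def __init__(self, m, cosigner_keys):
        if not 1 <= m <= len(cosigner_keys):
            raise ValueError("M must satisfy 1 <= M <= N")
        self.m, self.keys = m, cosigner_keys

    def authorize(self, proposal, approvals):
        """approvals is [(cosigner name, signature), ...]; returns (names, ok).
        Unknown cosigners, bad signatures and repeat approvals by the same
        cosigner are not counted, so one key can never meet the threshold alone."""
        valid = set()
        for name, sig in approvals:
            key = self.keys.get(name)
            if key is not None and verify(key, proposal, sig):
                valid.add(name)
        return valid, len(valid) >= self.m

def demo():
    """5-of-7 board wallet from the text, with constructed keys and proposal."""
    board = {name: secrets.token_bytes(32) for name in "ABCDEFG"}
    wallet = MultiSigWallet(5, board)
    proposal = {"to": "CompanyB-address", "amount_btc": "12.5", "nonce": 1}
    def approve(names):
        return [(n, sign(board[n], proposal)) for n in names]
    five_distinct = wallet.authorize(proposal, approve("ABCDE"))[1]
    four_plus_repeat = wallet.authorize(proposal, approve("ABCDD"))[1]
    tampered = dict(proposal, amount_btc="120.5")  # altered after signing
    replayed = wallet.authorize(tampered, approve("ABCDE"))[1]
    return five_distinct, four_plus_repeat, replayed
```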

What are MPC Wallets?

Multi-party computation (MPC) wallets are one of the latest developments in the DeFi space. They take the best parts of single-signature wallets (a single private key) and multi-signature wallets (joint control of funds) and combine them into a single solution.

Multi-party computation is a cryptographic technique that enables confidential computation among three or more parties by dividing a single cryptographic key into multiple parts, so that no single party can access the original key.

Each signer keeps one share of the private key, and no single share is enough to regenerate the whole key. A certain number of shares, called the “threshold”, is needed to regenerate the private key or authorize a transaction. The threshold can be set during wallet creation or later.

Using this technique (called “secret sharing”), an MPC wallet allows all signing parties to create and sign transactions without having to share their private keys with each other.

This differs from a multi-signature wallet: instead of generating multiple private keys, it splits a single private key into multiple shares.

Different MPC wallets use different secure multi-party computation protocols. Some commonly used protocols are Shamir’s secret sharing (SSS), Yao’s garbled circuits, and fully homomorphic encryption (FHE).
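An added example of the secret sharing scheme named above (Shamir’s), not code from the original article or any wallet vendor: a 3-of-5 split of a constructed private key over the secp256k1 group order, showing that any three shares recover the key while two do not. The field prime P is the secp256k1 order so that a Bitcoin private key is a valid secret directly; the key itself is a random stand-in.

```python
import secrets

# Added example of Shamir's secret sharing. Arithmetic is over GF(P) with P the
# secp256k1 group order, so a Bitcoin private key is a valid secret directly.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def split(secret: int, threshold: int, shares: int) -> dict:
    """Return {x: f(x)} for x = 1..shares, f a random degree threshold-1
    polynomial with f(0) = secret. Any `threshold` points determine f."""
    if not 1 <= threshold <= shares or not 0 <= secret < P:
        raise ValueError("need 1 <= threshold <= shares and 0 <= secret < P")
    coef = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    out = {}
    for x in range(1, shares + 1):
        y = 0
        for c in reversed(coef):  # Horner: y = c0 + x*(c1 + x*(c2 + ...))
            y = (y * x + c) % P
        out[x] = y
    return out


def combine(points: dict) -> int:
    """Lagrange-interpolate f(0) from {x: f(x)}. With fewer than `threshold`
    points the result is uniformly random, so partial shares leak nothing."""
    secret = 0
    for xi, yi in points.items():
        num, den = 1, 1
        for xj in points:
            if xj != xi:  # L_i(0) = prod (0 - xj) / (xi - xj)
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


def demo() -> tuple:
    """3-of-5 split of a constructed key: 3 shares recover it, 2 do not."""
    key = secrets.randbelow(P)  # stand-in for a freshly generated private key
    shares = split(key, 3, 5)
    three = combine({x: shares[x] for x in (1, 3, 5)})
    two = combine({x: shares[x] for x in (2, 4)})
    return three == key, two == key
```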

MPC wallets can be used for a variety of applications such as decentralized transactions, key management, distributed storage, and authentication. They are increasingly gaining traction among businesses and organizations that require shared access to funds.

General MPC Wallet transaction flow

The general flow of an MPC wallet transaction is as follows:

  • The user starts a transaction by sending a request to the wallet provider’s server.
  • The server generates a random number and encrypts it with the user’s private key share.
  • The server sends the encrypted random number back to the user.
  • The user decrypts the random number with their private key share.
  • The user signs the transaction with the decrypted random number.
  • The user sends the signed transaction back to the server.
  • The server combines the user’s signature with the signatures of the other parties involved in the transaction.
  • The authorized transaction is then broadcast for block confirmation.