
Author Topic: Why are MPC wallets Secure?  (Read 3579 times)

Offline wilkine

Why are MPC wallets Secure?
« on: June 02, 2023, 11:51:03 AM »
Popular plug-in wallets, such as MetaMask, work by generating the seed, mnemonic, and public/private keys through the BIP 39 protocol, and each transaction also requires the private key to participate in plaintext.
An MPC wallet holds only fragments of the private key, which are stored on different devices. Therefore, the MPC wallet does not expose the plaintext private key in the process of signing a transaction. Even if the user's device is hacked, the hacker cannot obtain the full private key. But there is a post-risk that faces users...
Recently, the private key security of wallets has once again become the focus of public opinion. In early March this year, the private keys of a large number of addresses with ARB airdrops were leaked, triggering a "windfall" for scientists. Earlier, an industry OG tweeted a warning: "Found a new way to steal money: in KTVs abroad, fraud gangs quietly modify the KTV's shared power banks and implant malicious programs. Guests singing and drinking in a KTV stay for most of the day, their phones easily run out of power, and they go to borrow a power bank. You think the power bank is charging your phone, but in fact it is reading the data on the phone and stealing the private key in the wallet."
How can the average web3.0 player protect their wallet assets from tragedy in the dark forest on the chain?
An increasingly popular solution is the MPC wallet, but how does it work? Is it really completely safe after use? This article will give you accurate science.
Firstly, Multi-party Computation (MPC) is a zero-knowledge proof technology path proposed by Professor Yao Qizhi of Tsinghua University in 1982. In practical application scenarios, it covers a large number of modern cryptographic technologies, such as RSA, ElGamal, ECDSA and other public-key cryptography algorithms, and the Shamir secret sharing protocol. The combination of these technologies makes MPC highly secure and scalable, and ensures the following security requirements:
Distributed encryption allows data to be divided into multiple parts and stored with different parties, thus avoiding the risk of data leakage.
Zero-knowledge proof can prove the truth of a fact without disclosing other information related to the fact.
Secret sharing allows information to be distributed to multiple parties, ensuring that the information as a whole is not independently controlled by any party.
The current industry approach to applying the MPC concept to wallet products is:
Each wallet manager (participant) holds a key fragment;
A certain number of parties cooperate when a transaction is required, and the full private key can be recreated and the signing process completed in a TEE (a trusted encryption execution environment).
This business process keeps the plaintext private key from being exposed during the transaction. Even if the device where the key fragments are stored is compromised, the hacker cannot obtain the full private key, which improves security.
It is not difficult to see that, compared with smart contract multi-signature wallets such as Safe (i.e. Gnosis), the core differences are as follows: in smart contract multi-signature wallets, participants take part in the multi-signature with their private keys (blockchain addresses), and there is still the risk of private key theft; participants in an MPC wallet, however, do not hold the full private key, but implement a Threshold Signature Scheme through key fragmentation, thus eliminating the single point of risk.
But are assets now completely safe? Obviously not!
Although the MPC wallet implements the security of the signature process, it puts a post-risk [fragment security management policy] in front of the user.
For the private key fragment management strategy of MPC wallets, there are three mainstream approaches on the market at present: [self-hosting mode], [mixed hosting mode] and [centralized hosting mode]. Among them, [self-hosting mode] best fits the hardcore crypto-native concept: users are required to manage the mnemonics and all key fragments by themselves. Once the mnemonics and all devices storing the fragments are lost, the assets will fall asleep on the chain. Although the [mixed hosting mode] and [centralized hosting mode] strategies can provide functions such as recovery on an unfamiliar device and social recovery, the party hosting the fragments cannot 100% eliminate the risk of human evil, so the security, like that of a CEX, relies heavily on the credibility of the founder.
Thus, when choosing an MPC wallet, users will have their cake and eat it: 1. Choose a [self-hosting model] product, and then protect mnemonics with more effort and cost; 2. Choose [mixed hosting mode] and [centralized hosting mode] products to enjoy the experience of using web2.0, but you must trust the product operators not to do evil.
To sum up, the security of the MPC wallet is related not only to the signature process, but also to the management policy for the key fragments.
[self-hosting mode] is more suitable for enterprise-level users: they pursue complete security, and have enough manpower and resources to ensure that their mnemonics and storage devices will not all be lost at the same time. On the other hand, [hybrid hosting mode] and [centralized hosting mode] are more suitable for ordinary web3.0 players: small capital, scattered holdings, and rigid needs for centralized scenarios, so they are used to believing in human nature (even in FTX-like disasters, relatively little loss).
