In light of the events in recent months involving FTX and the spiral-down effect across the digital asset ecosystem, everyone is sceptical about how their funds are being handled. While there might be no compensation in sight for those who have lost their funds, the entirety of the crypto market agrees that, going forward, transparency should be key in areas such as the management of users’ funds. This has led to the emergence and recent application of “proof-of-reserves” (PoR) as a step toward increased transparency.
Despite the fact that wallet-as-a-service (WaaS) providers are not affected by these recent events, THRESH0LD has subscribed to the policy of utmost transparency and calls for institutions to adopt self-custody of their digital assets using multiparty computation which offers bank-grade security architecture.
With these issues in mind, this post explores the technical operations of THRESH0LD as a WaaS, focusing on how it enables institutions to maintain self-custody of their digital assets. We hope to provide clarity as to how funds are secured & how your organization alone retains 100% access and control of your wallets and assets whilst using THRESH0LD MPC.
Why Protect Digital Assets with Multi-Party Computation?
Using a self-custody wallet with MPC calls for a higher level of corporate governance controls than custodial wallets provided by an exchange or an institutional custodial service. By holding your assets in a vault/hot wallet that only you control, you ensure that no one else may access your assets. Not even the wallet service provider.
Compared to multi-sig wallets and hardware security modules (HSMs), MPC’s limitless flexibility and scalability come from its blockchain-agnostic nature and the ability to modify the signature scheme in real-time. MPC is unique among digital asset security solutions since it does not centrally hold a user’s wallet’s private keys but divides them into shards.
Cryptography using MPC can be used to safeguard private keys in any key management system, with wallet protection being one of its several applications. Therefore, while our services provide you with quick, efficient, and reliable access to the blockchain, where you may store, access, and manage your funds, this same service prevents us from having access to your funds, making you the sole operator and “self-custodian” of your digital assets as they are held on-chain.
How does THRESH0LD MPC Ensure Wallet Safety?
Secure MPC automatically supports multiple-signatory approval models. Each member holding a shard functions as a member of the MPC. Having multiple MPC approvers is common practice since it reduces the likelihood that a malicious attack within or outside your organization can acquire access to a complete key and abuse it fraudulently.
Additionally, all parties involved in a secure MPC deployment may use their own keys to create a partial signature locally, as the key share is never offered to another system outside the party’s device, it never leaves the user’s machine. Subsequently, the device transmits the partial signature. Partial signatures are exported by each participant and then aggregated once enough participants have contributed. During this procedure, the key never leaves the protected environment of the system in which it was generated.
An added advantage is the elimination of all digital trails. As no whole key is ever stored, there is no digital memory of a key that might be recovered from decommissioned hardware. Therefore, it is impossible to recover a whole key from a lost, stolen, or retired mobile device, computer, server, virtual machine, or container that held a key share.
Added to these functions, our system further ensures the safety of digital assets by providing:
Audit Records: Even though MPC works off-chain, the program still keeps a full audit trail of all security audits, including who approved which transactions and when. The key elements of any reliable security system, including audit and accountability enforcement, are preserved in this method.
Secure Operations amidst Compromises: While other multi-party approval schemes may fail to function when one or more parties become compromised, MPC can continue to function and carry out valid, approved transactions. Most other protection techniques either cease to function or abandon the protection phase when this happens.
Quantum Vault Protection: Since the key is effectively encrypted by secret sharing during the computation. It creates a quantum environment that keeps users’ funds safe from assaults on a single server.
Fluidity: MPC’s off-chain architecture makes it easy to change its security models and procedures to keep up with the ever-changing landscape of compliance rules and business procedures.
While other security approaches like multi-sig and HSMs offer some measure of protection, security providers and investors are best served by using multi-party computation to safeguard their digital assets. The use of MPC complements the security already provided by self-custody, making it one of the most secure ways to future-proof your assets against loss. As the sole custodian of your assets, the only one who can access them is you.
THRESH0LD offers a single, simple-to-integrate API that helps digital asset businesses such as crypto exchanges, payment processors and OTC solutions cut tx fees, save time and enhance security.
THRESH0LD MPC supports 44 blockchain protocols and a DeFiBridge that enables swaps across thousands of assets.
Found this piece interesting? Check out our other blog posts.