Published Jun 16, 2022
By Qredo Team
How To Compare MPC Wallet Providers: 5 Key Differences To Consider
This cryptographic breakthrough replaces the critical vulnerability of private keys with distributed nodes that sign transactions together. In doing so, it creates high levels of security without compromising on operational efficiency — making it the gold standard for institutional-grade digital asset custody infrastructure.
However, not all MPC solutions are created equally.
To help you make sense of the market, here are four big differences that you need to understand when choosing an MPC solution.
1. Is the MPC database-driven or consensus-driven?
The most critical difference between MPC implementations is not the MPC protocol itself, but the governance layer — how the ownership rights over the assets are managed and stored.
This governance layer invokes the MPC nodes when it comes to signing a transaction and generating a deposit address.
For many MPC vendors, this governance layer will be a simple database. But as any security specialist will tell you, any system is only as strong as its weakest link. A hacker or malicious insider aiming to attack such an MPC vendor could simply compromise the vulnerable database and rewrite the ledger at will; changing ownership policies, or whitelisting different addresses and invoking transactions to suit their own ends.
Instead of a vulnerable database, Qredo uses a blockchain to record asset ownership.
In this way, the MPC is consensus-driven. Each change to the custodial records, each adjustment of ownership, and each transaction, must be confirmed by validators on the blockchain, creating an immutable record that is replicated by each node on the network, and impossible to change without authorization.
2. Who holds the sensitive key material?
When choosing between traditional custody solutions, you would be wise to ask: who holds the keys?
With MPC solutions, the question becomes: who holds the sensitive key material?
Most MPC solutions are semi-custodial. They employ a collaborative model in which sensitive key material is shared between the customer and the vendor. For example, this could be a 2 of 2 scheme in which both the customer and vendor hold a key shard, or a 2 of 3 scheme in which the vendor holds 2 shards and the customer 1 shard.
Because this setup involves customers holding private key material, it opens the possibility of a customer losing key shards. And losing key shards means losing funds.
In addition, as this setup involves MPC vendors holding private key material, then they participate in signing transactions, and may be considered a custodian. This puts them in a different category to pure technology vendors, and means they must seek regulatory approval and authorization in every jurisdiction they serve.
When Qredo has completed its journey to decentralization, the sensitive key material will be held by independent blockchain validators. This will create the first trustless implementation of MPC.
3. Where is the sensitive material stored?
Once you know who has control over sensitive key material, the question becomes: how is it stored?
High levels of security are typically achieved by a few different methods:
i) Storing shards separately
Aside from being split between customer and vendor, sensitive key material may be stored with different cloud providers, or geographically distributed. Watch out for artificial forms of separation — such as different cloud providers or hardware environments — where control ultimately still rests with the same group of executives and developers.
ii) Isolated computing environments
Some MPC providers will use hardware security modules (HSMs) or secure enclaves to protect the private key data and insulate digital assets from cyber-attack. Be aware that these isolated computing environments can have vulnerabilities. Intel SGX hardware-isolated enclaves, for instance, have been cracked multiple times.
Within the isolated environments, the private key secrets themselves should be encrypted as a last line of defense against potential hackers.
4. Is the MPC protocol peer-reviewed?
Since it was first developed back when Elvis Presley was still topping the charts, MPC has been refined through five decades of academic research.
All MPC implementations for private key management should be built on this solid theoretical foundation, and be peer-reviewed. Most MPC protocols will rely on the industry standard, Gennaro and Goldfeder’s algorithm (MPC-GG18), but other implementations like RZL sMPC are not yet thoroughly tested.
In addition to ensuring that the protocol is academically sound, make sure that there are audits and penetration testing of the specific implementation.
As MPC is still evolving, it is also important to make sure that the implementation is up to speed with the latest features. These include key rotation, which moves material between MPC nodes to make the protocol a moving target, making it extremely unlikely that a malicious actor could steal all the key shards.
5. How much does it cost?
The cost of an MPC solution will depend on the vendor, the value of your assets under management, and your level of activity in the digital asset market:
Are you a long-term HODLer or a scalper?
Do you dip in and out of DeFi protocols making multiple intraday trades?
Or, do you passively farm stablecoins on Curve?
The answer could determine which fee structure is the most cost effective for your digital asset business.
Many MPC solutions will charge a single set up fee of anything up to $10K, plus fixed monthly fees averaging around $3K per month. In addition, you might pay activity fees based on the number of transactions made.
For a particularly active DeFi user with $400M AUM making 132 transactions per day, we calculate that the average MPC solution would cost around $120K per annum.
Using Qredo's integration with MetaMask Institutional that same user could pay as little as $80K.