MPC Documentation
What is MPC?
MPC stands for multi-party computation, which allows multiple parties to jointly calculate a value while keeping their private information secret. Each party holds a part of the whole private information, and together they compute the result without revealing their secret parts or reconstructing the complete private information.
How does a traditional wallet work?
To interact with a blockchain, users need private keys to sign transactions. In a traditional wallet, the user's private key is generated and stored on the device where the wallet is installed. When a user initiates a transaction, the wallet accesses the stored private key to sign the transaction and then submits it to the blockchain.
Figure: flow of signing and submitting a transaction.
How the MOSU wallet uses MPC
As mentioned earlier, making a transaction on the blockchain requires the user to sign it with a private key. In the previous section, we discussed traditional wallets, where the user's entire private key is stored in a single location: the wallet. In the MOSU wallet, the user's private key is securely distributed between two parties. The first party (Party A) resides within the MOSU wallet application installed on the user's device, while the second party (Party B) is a cloud server. Please note that we plan to add additional MPC party members, such as web browsers, in the future to ensure a more versatile and seamless experience for all our users. To sign a transaction, both parties collaborate, ensuring that their respective secret data remains private. Before explaining the signing process, let us first introduce how the private key is divided and distributed between the two parties during the wallet creation process.
Wallet Creation
The MOSU wallet supports two configurations of the creation process:
Full-MPC mode: in this mode, the whole private key is never constructed. Both parties work together, exchanging messages over a few rounds, and each obtains a share of the whole private key.
Mnemonic-Compatible MPC mode: In this mode, Party A generates mnemonic phrases and derives the private key using those phrases. Both parties then engage in a multi-round exchange of messages. At the end of this process, each party holds a share of the private key, and Party A securely deletes the complete private key from its system. Fully compliant with BIP32/39 standards, this mode allows you to seamlessly convert existing wallets like MetaMask into an MPC wallet or export your MOSU MPC wallet to other wallets of your choice.
At the end of the wallet creation process, both parties hold a share of the private key, and they can collaboratively sign transactions by using MPC algorithms for the signing process. Both configurations produce the same output - a share for each party - which is then used as input for the signing process in a consistent manner.
The Mnemonic-Compatible MPC mode is fully compatible with BIP32/BIP39, allowing for wallet creation using mnemonic phrases. In contrast, Full-MPC mode enables wallet creation without revealing the private key to either party.
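The Mnemonic-Compatible flow above, as an added example that is not the MOSU wallet's own code: Party A derives the key from a BIP39 mnemonic via the BIP32 master key, splits it into two shares, and drops the full key. The additive 2-of-2 sharing modulo the secp256k1 order is an assumption (the page does not name the sharing scheme), and splitting the master key directly rather than a derived account key is a simplification.

```python
import hashlib
import hmac
import secrets
import unicodedata

# secp256k1 group order: key shares are integers modulo N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase (NFKD)."""
    words = unicodedata.normalize("NFKD", mnemonic).encode()
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048)


def bip32_master_key(seed: bytes) -> int:
    """BIP32 master private key: left 32 bytes of HMAC-SHA512(key='Bitcoin seed', seed)."""
    left = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()[:32]
    return int.from_bytes(left, "big")


def split_key(priv: int) -> tuple:
    """Additive 2-of-2 sharing (assumed scheme): share_b is uniform mod N and
    share_a = priv - share_b, so either share alone is a uniformly random scalar."""
    share_b = secrets.randbelow(N)
    share_a = (priv - share_b) % N
    return share_a, share_b


def reconstruct(share_a: int, share_b: int) -> int:
    """Only meaningful in an export/recovery ceremony; never run during normal signing."""
    return (share_a + share_b) % N


def create_mnemonic_compatible_wallet(mnemonic: str, passphrase: str = "") -> tuple:
    """Party A derives the key, splits it, then discards the full key.
    Simplification: the BIP32 master key is split directly; a real wallet would first
    derive the account key along a BIP44 path. Returns (share_a, share_b)."""
    seed = bip39_seed(mnemonic, passphrase)
    priv = bip32_master_key(seed)
    share_a, share_b = split_key(priv)
    # Python ints cannot be zeroised in place; dropping the references is the best this
    # illustration can do. share_b would be handed to Party B over a secure channel.
    del priv, seed
    return share_a, share_b
```

The window in which the complete key exists on Party A (between derivation and deletion) is the one point where this mode differs from Full-MPC mode.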
Sign Transaction
The MOSU wallet uses a 2-of-2 scheme for the signing process in the first version, requiring both parties to collaborate in signing transactions.
We can consider the MOSU wallet to have two components/parties:
- Party A is the application that users install on their devices. Users interact with Party A directly
- Party B is the Cloud Server, which holds a share of the private key. Users never communicate with Party B directly
- Users prepare a transaction's payload and send it to Party A
- Party A receives the transaction's payload, then collaborates with Party B to sign the transaction
- This process requires multiple rounds of message exchange
- Both parties only hold a part of the private key, so they need to exchange messages to jointly calculate the transaction's signature without revealing their shares
- The MOSU wallet supports MPC for
- ECDSA
- EdDSA
- The transaction's signature is available once the signing process is done
- The MOSU wallet submits the signed transaction to the blockchain using RPC calls
How the MOSU wallet enhances security
- Reduced Single Point of Failure: The MOSU wallet offers strong protection by splitting the private key into shares and securely distributing the shares between the parties. This approach ensures that even if one party is compromised, the attacker cannot access the complete private key. In contrast, traditional wallets store the private key in one location, making them vulnerable to full compromise if the key is exposed. By dividing the private key between multiple trusted parties, MOSU provides a much higher level of security.
- Recovery: key distribution in the MOSU wallet allows recovery even if one share is lost. The MOSU wallet supports a recovery feature so that users can recover their shares conveniently.
Advantages of the MOSU wallet
- Compatible with existing BIP32/39 wallets, so it is convenient for users with previous experience of traditional wallets such as MetaMask. Users can import or export accounts to traditional wallets at any time.
- Organization Control: The MOSU wallet can be adapted for shared control within organizations. For example, a 2-of-3 scheme (in future) could require approval from at least two out of three executives to transfer funds or assets.
- Convenient for normal users: the user experience matches that of traditional wallets. Users only need to initiate a transaction by providing the payload; the signing process is handled in the background, by MPC in the MOSU wallet or locally in a traditional wallet. However, because the MOSU wallet uses MPC for signing, it may take slightly longer than a traditional wallet.
- Transaction policy: Users can configure policies to align with their needs.
- Passkey: users do not need to remember passwords, and passkeys can be synchronized across devices.