Multisig vs. MPC: Which is better for asset security?
The increasing use of digital assets in enterprises and organizations has created a need for solutions that provide scalability and operational flexibility. Security also remains one of the most important concerns when holding digital assets, so choosing a solution that delivers the required level of security is just as necessary. At present, multisig (multisignature) wallets and Multiparty Computation (MPC) are the two popular secure options to consider.
There is still a debate between multisignature wallets and MPC when it comes to security. Some think multisignature wallets are more secure, while others consider MPC the better solution. In this article, we look at the differences between multisignature wallets and MPC and work out which one suits your needs.
What is Multisig?
Multisignature refers to a digital signing method that allows multiple individuals to sign documents collectively. Each multisignature address is usually controlled by multiple private keys. Before multisignature wallets emerged, the most popular way to store digital assets was the single-signature wallet, which requires only one private key to approve transactions. Multisignature wallets, which require multiple private keys to sign transactions, offer better security because they add a layer of protection to the wallet. They address many of the issues present in single-signature wallets, but they also come with drawbacks such as protocol dependence.
Advantages of Multisig
The advantages of multisignature wallets are mostly tied to security, since they require multiple private keys to sign transactions.
- For organizations, multisignature wallets add layers of security by requiring multiple parties to approve transactions. This reduces the risk of an employee stealing funds and claiming that the wallet was hacked. For example, a 5-of-7 multisignature wallet requires 5 out of 7 private keys to sign off on transactions. In this scenario, hackers would need to hold at least 5 private keys to transfer the funds.
- For individuals, multisignature wallets allow private keys to be stored on multiple devices. Keeping the private keys in separate locations makes it harder for hackers to steal the money.
- For intermediaries, multisignature wallets can assist in escrowing transactions. For instance, a 2-of-3 multisignature wallet can be used to escrow funds, so that at least two out of three parties are required to conduct a transaction.
Disadvantages of Multisig
- Incompatible with some blockchains: While most blockchains allow for multisignature usage, some still don’t. On those chains, multisignature needs support and modification from a third party. This reduces the possibility of innovations for multisignature wallets.
- Transactions are not private: The transactions of multisignature wallets are signed on-chain, which means that anybody can track which wallets signed a transaction. This makes it possible to identify the individuals who have access to those wallets. Malicious individuals could use this metadata to follow and trace the signers by looking up their past activities.
- Slow transaction processing: The transaction is typically signed on-chain by multiple parties, and each party must sign separately, which significantly slows down transaction processing.
- Inflexibility: The access structure of a multisignature wallet is attached to the address. If you want to change the parties involved in a multisignature wallet, you have to create a new multisignature wallet instead of directly modifying the access structure.
What is MPC (Multiparty Computation)?
Multiparty Computation (MPC) emerged as another solution to secure private keys. It is a cryptographic technique that enables several parties to compute on their pooled data without disclosing their individual inputs. MPC eliminates the idea of a single private key, because the private key is never compiled in its entirety: neither when the wallet is first created nor when a signature is produced does a single private key exist. The single point of failure that private keys normally represent is therefore not present in multiparty computation. MPC uses the following procedures to remove that single point of failure:
- The individual secrets are randomly generated by each endpoint and are never shared between them.
- Each endpoint takes part in a protocol for building a decentralized wallet, allowing the endpoints to calculate the wallet address or public key associated with the group of individual private shares.
- At least 3 endpoints (or quorums) engage in a distributed signing process upon signature requests for blockchain transactions. Each endpoint must independently validate the transaction and policy before signing the transaction.
MPC provides an extra layer of private key protection because the private key never resides on any one device at any time. Thanks to the distributed nature of multiparty computation, each participant can determine whether additional transaction verifiers are needed. Multiparty computation also provides flexibility for ongoing customization and maintenance of the signature scheme.
Advantages of MPC
- Secure custody: In MPC, even when a private key is used, the complete key is never accessible on a single device at any given time. Even if certain parties are compromised, security is ensured through threshold cryptography. There is also no single point of failure, because the quorum policy is enforced cryptographically.
- Resilient in operation: MPC enables a safe backup for private keys. Moreover, the keys can be updated without needing to change the public address.
- Flexibility: This is a major advantage of MPC over multisignature wallets. MPC allows for continuous modification and maintenance of the signature scheme. For example, if the company wants to switch from a 2-of-3 to a 3-of-5 setup, it only requires the existing parties to consent to the new policy and to the change in the parties involved. This modification does not have any effect on the wallet. There is no need to move to a new address; the address remains constant.
- Blockchain agnostic: MPC signatures can be used externally, so the policy for key management and approval is fully off-chain. As a result, MPC can be used without the blockchain being aware of it. This is significant since some blockchains do not come with built-in multisignature support.
- Transactions remain private: Transactions in MPC remain private and only visible to the parties involved.
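The key-generation steps described earlier and the 2-of-3 to 3-of-5 policy change can be simulated in a few lines. This is an added example, not code from Orochi Network or any MPC product: it assumes a Shamir-style threshold scheme (the article does not name one), uses a deliberately tiny toy group, runs all parties in one process, and every function name is hypothetical.

```python
import secrets

# Toy group constructed for illustration, far too small for real use:
# P = 2Q + 1 with Q prime; G generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4

def poly_eval(coeffs, x):
    acc = 0
    for c in reversed(coeffs):  # Horner's rule, arithmetic mod Q
        acc = (acc * x + c) % Q
    return acc

def deal(secret, t, ids):
    """Shamir-share `secret` with threshold t among the party ids."""
    coeffs = [secret] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: poly_eval(coeffs, i) for i in ids}

def lagrange_at_zero(i, ids):
    """Lagrange coefficient of party i for interpolation at x = 0."""
    num = den = 1
    for j in ids:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def keygen(t, ids):
    """Every party deals its own random secret; each sums what it receives."""
    deals = [deal(secrets.randbelow(Q), t, ids) for _ in ids]
    return {i: sum(d[i] for d in deals) % Q for i in ids}

def group_public_key(shares, quorum):
    """Combine public values G^share_i; the private key is never assembled."""
    pk = 1
    for i in quorum:
        commitment = pow(G, shares[i], P)  # the only value party i publishes
        pk = pk * pow(commitment, lagrange_at_zero(i, quorum), P) % P
    return pk

def reshare(shares, old_quorum, new_t, new_ids):
    """An old quorum re-deals its weighted shares to a new policy and party set."""
    deals = [deal(shares[i] * lagrange_at_zero(i, old_quorum) % Q, new_t, new_ids)
             for i in old_quorum]
    return {j: sum(d[j] for d in deals) % Q for j in new_ids}

if __name__ == "__main__":
    old = keygen(2, [1, 2, 3])                      # 2-of-3
    new = reshare(old, [1, 2], 3, [1, 2, 3, 4, 5])  # 3-of-5
    print(group_public_key(old, [2, 3]) == group_public_key(new, [1, 3, 5]))
```

A production deployment would add verifiable secret sharing so that parties can detect malformed shares from a dishonest participant, which this sketch omits.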
Disadvantages of MPC
- High computational resources and deployment costs: MPC methods generate a lot of random numbers, which uses up processing power. The wide range of server and storage configurations can affect the performance of MPC protocols. MPC also incurs significant deployment costs (such as communication devices) to bring together data that is kept in fragments at various locations and produce the end result.
- Malicious participants must be presumed: To implement MPC securely, accurate estimates of the percentage of malicious actors taking part in the collaborative computation are necessary.
The differences between Multisig and MPC
Having understood the advantages and disadvantages of each solution, we’ve compiled the differences between Multisig and MPC in the table below:
| Criteria | MPC | Multisig |
|---|---|---|
| Compatibility | Multiparty computation makes use of a simple address that can be easily deployed across numerous devices and is flexible enough to accommodate changing permission rules. It also works well with various decentralized services and solutions. | Multisignature wallets only work for specific blockchain protocols |
| Privacy | Multiparty computation protects the information of parties involved in the transaction | Anyone on the blockchain can track the address of the parties involved |
| Flexibility | Multiparty Computation allows flexible rules for establishing the requirements for transaction signing as well as an unlimited number of parties in a quorum | With constraints on quorum authorisation regulations, changes to addresses necessitate changes to the code in a multisignature method. |
| Speed | Transaction time is reduced by using an off-chain signing strategy and secrets that permit anonymous transaction signing. | Transaction processing times are impacted by on-chain signing and the addition of extra data to scripts. |
In summary, multisignature and MPC each have their own advantages and disadvantages. MPC clearly outweighs multisignature on some criteria, such as privacy and compatibility. However, you should weigh all of these aspects to choose the solution that suits your own needs.
About Orochi Network
Orochi Network is a cutting-edge zkOS (an operating system based on zero-knowledge proofs) designed to tackle the challenges of computation limitation, data correctness, and data availability in the Web3 industry. With well-rounded solutions for decentralized gaming and metaverse applications, Orochi Network removes the current performance-related barriers and makes way for more comprehensive dApps, becoming the backbone of Web3's infrastructure landscape.