Stand with Ukraine and Donate here

SMPC Wallets


Cryptocurrencies have left the category of “thing for the elite” long time ago and currently becoming more familiar and common. This means that more and more people who don't have a serious technical education are starting to become involved in them. But their knowledge and experience are not enough to ensure the high level of security of ordinary crypto-wallets, so it becomes easier for attackers to gain access to other people's crypto assets. Fortunately, this problem has several effective solutions, one of which is SMPC wallets.

What it it?

In short, SMPC wallets are cryptographic wallets that use the so-called “secure multi-party computing” (MPC) and Shamir’s secret distribution for security. Due to this, it becomes possible not only to break the access code into several parts, but also to work with these parts without fear of accidentally exposing their content.

Let's see what is the main problem. At the current moment, the most popular are the so-called custodian wallets. In fact - bank deposits, only in the world of cryptocurrencies. You transfer your private key to an authorized person (most often, to the exchange where cryptocurrencies are traded), and then interact with the wallet through its intermediary.

The advantages of this method are great - a strong simplification of security procedures, the ability to restore access in the event of loss of control, and you don't need to protect data by yourself. But only the presence of an intermediary increase the chances of information leakage since additional channels must be used to gain access. And if confidential information is intercepted, the criminal will get access to your wallet. Not to mention that the custodian can take advantage of the situation and also commit theft.

Shamir’s secret distribution partially solves this problem. It divides the private key into a random number of pieces and made so that for its reconstruction it will be necessary to collect a certain number of fragments. In this case, the loss of one fragment does not change anything, and it is impossible to individually provide access to information. The meaning of this distribution is to calculate the “function” (private key) based on a sufficient number of known points of this function (key fragments). In the context of crypto-wallets, this works both in the form of fragment distribution between different people and between different devices. Something like multi-factor identification, but safer because intercepting one piece of information will not give an attacker anything.

However, if the hacker intercepts the fragments for some time, he will be able to accumulate enough of them to gain access to information. And this can just be avoided with the help of secure multi-part computing.

How does MPC work?

Here is the main idea. Traditionally, cryptography protects information from external attacks. And MPC helps to cope with internal attacks. That means - with the situation when one of the seemingly trusted participants is trying to secretly from others gain access to their confidential information. Therefore, the point of MPC is to create such an exchange of information that automated systems can work with, but in which it is impossible to find out the content of that information that you do not have access to. Let's consider this with a specific example.

There is a certain team of employees with different salaries. And they wanted to find out how much they get at their work on average. However, they don't want to make their data public. What to do? They can choose a trusted third party and tell him their data. However, where is the guarantee that the “custodian” will do his job properly? So here is the best way to do it.

The first participant adds an absolutely random number to his salary. This result passes to the second participant. He also adds on his salary and passes on. After the last participant completes the calculations, he gives the records to the first one, he subtracts the added arbitrary number and divides the result by the number of participants.

This is how secure multi-part computing works. This allows you to satisfy three basic safety requirements:

  • None of the participants in the exchange can receive other people's data.
  • None of the participants in the exchange will receive a false result if everyone provides real information.
  • None of the participants can prevent others from receiving the data they need.

But how exactly does all this have connected to crypto wallets? Actually, the connection is straight.

Applied value

Shamir's distribution allows you to split a private key into the necessary number of parts. Secure multi-part computing allows each part to be encoded so that only the initial encoding algorithm can work with it. If any such fragment is intercepted, the attacker will not be able to use it. And if we add time binding to the initial encoding, then all previously intercepted fragments of the private key will be useless.

In this situation, there is no need for trust in the custodian - he will not be able to use the information that is transmitted to him, since you can work with it only in automatic mode. And this adds another level of security for custodian wallets that are so common now.

In addition to cryptographic wallets, secure multi-part computing can be useful for collecting statistical information. The user sends their data in encoded form, without fear that someone will be able to intercept and use them. And the collector will automatically analyze the received information, calculate the average value, calculate the total number or do other statistical manipulations.


Despite the fact that secure multi-part computing is considered as a special case of “entangled logic circuits”, from the point of view of an ordinary user everything is extremely simple and convenient. No need to do unnecessary actions and understand the information - most of the security problems are solved by automation. So MPC can really make cryptographic wallets simple and convenient for ordinary people.