Background
To interact with a blockchain you need a wallet. It holds your keys, signs messages and transactions with them, and submits those transactions to the network. There are many different types of wallets, each with its own advantages and disadvantages. This document gives a high-level overview of the different types of wallets and their tradeoffs.
There are two ways to store private keys:
- Hot wallets: the private key lives on a device or storage that is in some way connected to the internet (a phone, a browser extension, a server)
- Cold wallets: the private key lives on a device or storage that is never connected to the internet, for example an air-gapped HSM (hardware security module) or a hardware wallet such as a Ledger
There are multiple ways to sign messages and conduct transactions directly on the blockchain:
- Private key wallet: the wallet stores the single private key that signs transactions (e.g. Ledger, MetaMask)
- MPC wallet: the private key is split into shares (typically 2 in a retail setup). The wallet holds one share and the service provider holds the other. Each side computes a partial signature with its own share, and the two partial signatures are combined into one ordinary signature before the transaction is submitted to the blockchain. Neither side ever holds the whole key.
- Account Abstraction / Smart Contract Wallet: once a transaction is signed, the wallet submits it to a smart contract on the blockchain. The contract holds the assets; the wallet is only its controller. Depending on the implementation, such a "smart contract wallet" can pay gas fees in different currencies and enforce extra security mechanisms such as spend limits, multi-signature approval and recovery mechanisms.
We at pier believe that Account Abstraction and MPC wallets are the future of crypto wallets. They provide the best security and user experience.
Theory behind MPC (Multi-Party Computation) wallets
Bitcoin and Ethereum use ECDSA signatures over the secp256k1 curve, with a private key and a public key.
- The private key is a random integer in the range [1, n-1], where n is the order of the curve. It is stored as 32 bytes and usually displayed as 64 hexadecimal characters (it is not a hash of anything).
- The public key is the curve point obtained by multiplying the curve's generator point G by the private key. That multiplication is cheap; recovering the private key from the public point (the discrete logarithm problem) is what the security of the scheme rests on.
- The public key point (x, y) is encoded in two ways:
- Uncompressed: 65 bytes, the prefix 0x04 followed by x and y
- Compressed: 33 bytes, the prefix 0x02 or 0x03 (the parity of y) followed by x only
- The address of a wallet is derived by hashing the public key. On Ethereum it is the last 20 bytes of keccak-256 over the 64-byte x || y; on Bitcoin it is RIPEMD-160(SHA-256(public key)) wrapped in a version byte and a checksum.
At its core a wallet does two things: it stores a private key with which it signs messages and submits signed transactions to the blockchain, and it "knows" the digital assets assigned to the address derived from that key.
MPC, short for multi-party computation, is a method of splitting a private key into shares that are held by different parties.
Each party uses only its own share to compute a partial signature, and the partial signatures are combined into one valid signature without any party ever revealing its share to the others. There is never a moment when the full private key exists in one place; it only exists in a distributed, "liquid" form. In the modern threshold schemes the shares are even generated jointly, so the full key is not formed at setup either.
Ordinarily, when a single private key is stored in one place, the wallet's owner has to trust that the device or party holding that key is completely secure. Such a device could be an HSM or, less securely, a phone or browser wallet that keeps the key in on-device secure storage.
These single holders have repeatedly proven vulnerable. When an attacker only needs to succeed at one point of compromise to steal the private key, the digital assets that key unlocks are wide open to theft.
Multi-party computation does away with this problem, as the private key is no longer held by any one party at any point in time. Instead, it is spread across multiple parties (i.e. devices), none of which learns the others' shares. Whenever a signature is required, the MPC protocol is run to confirm that all parties, or a predetermined threshold of parties out of the full set, approve the request.
With MPC in play, an attacker has a much harder task. To gain control over a user's wallet they now need to compromise enough parties to reach the threshold, and those parties run on different platforms in different locations.
MPC therefore solves the problem of secure key storage. Because the key never resides in one place, more personnel can be given access to a wallet without any single one of them being able to turn rogue and run off with the digital assets it contains; a threshold of them has to cooperate.
In addition, with no single device holding the whole key, users can keep their assets online and no longer need cumbersome cold-storage devices. Transferring digital assets becomes more fluid, and no compromise is required between security and operational efficiency.
In practice there are multiple protocols for threshold ECDSA; MPC-CMP and MPC-GG20 are the widely adopted, fast ones.
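The following is an added example, not pier's code and not an implementation of MPC-CMP or MPC-GG20. It ties together the two technical parts of this page: the ECDSA primer (private key, secp256k1 public key point, 65/33-byte encodings, keccak-256 address) and the idea that key shares can be used without ever rebuilding the key. It is a pure-Python toy: the curve arithmetic is not constant-time, the Keccak is hand-written because `hashlib.sha3_256` uses different padding than Ethereum, and the sharing is a dealer-based Shamir split (the real protocols generate shares jointly and also run an interactive signing protocol, which is not shown here). All function names (`ec_mul`, `eth_address`, `shamir_split`, `threshold_pubkey`, ...) are my own.

```python
import secrets

# secp256k1 parameters: field prime P, group order N, generator point G.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine point addition; None stands for the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # a + (-a) = infinity
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P  # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P  # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt=G):
    """Double-and-add scalar multiplication; ec_mul(priv) is the public key point."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def pubkey_bytes(pub, compressed):
    """65-byte 0x04||x||y encoding, or 33-byte 0x02/0x03||x (prefix = parity of y)."""
    x, y = pub
    if compressed:
        return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")
    return b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")

# Keccak-256 as used by Ethereum (0x01 padding); not the same as hashlib.sha3_256.
MASK = (1 << 64) - 1
RC = [0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
      0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
      0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
      0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
      0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
      0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008]
ROT = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61], [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]

def _rol(v, n):
    return ((v << n) | (v >> (64 - n))) & MASK

def _keccak_f(A):
    """Keccak-f[1600] permutation on 25 lanes indexed x + 5*y."""
    for rc in RC:
        C = [A[x] ^ A[x + 5] ^ A[x + 10] ^ A[x + 15] ^ A[x + 20] for x in range(5)]
        D = [C[(x - 1) % 5] ^ _rol(C[(x + 1) % 5], 1) for x in range(5)]
        A = [A[i] ^ D[i % 5] for i in range(25)]  # theta
        B = [0] * 25
        for x in range(5):
            for y in range(5):
                B[y + 5 * ((2 * x + 3 * y) % 5)] = _rol(A[x + 5 * y], ROT[x][y])  # rho, pi
        A = [B[i] ^ (~B[(i + 1) % 5 + 5 * (i // 5)] & B[(i + 2) % 5 + 5 * (i // 5)]) for i in range(25)]  # chi
        A[0] ^= rc  # iota
    return A

def keccak256(msg):
    """Sponge with rate 136 bytes and Keccak pad10*1 (0x01 ... 0x80)."""
    buf = bytearray(msg) + b"\x01" + bytes((136 - (len(msg) + 1) % 136) % 136)
    buf[-1] |= 0x80
    A = [0] * 25
    for off in range(0, len(buf), 136):
        for i in range(17):
            A[i] ^= int.from_bytes(buf[off + 8 * i:off + 8 * i + 8], "little")
        A = _keccak_f(A)
    return b"".join(lane.to_bytes(8, "little") for lane in A[:4])

def eth_address(pub):
    """Ethereum address: last 20 bytes of keccak256(x || y), as 0x-prefixed hex."""
    return "0x" + keccak256(pubkey_bytes(pub, False)[1:])[-20:].hex()

def shamir_split(secret, t, n):
    """Toy dealer-based Shamir split into n shares (i, f(i)); any t of them determine f(0) = secret."""
    coef = [secret] + [secrets.randbelow(N) for _ in range(t - 1)]
    return [(i, sum(c * pow(i, j, N) for j, c in enumerate(coef)) % N) for i in range(1, n + 1)]

def threshold_pubkey(shares):
    """Each holder scales its own share by its Lagrange coefficient and publishes only the
    resulting curve point; adding the points yields the wallet's public key while nobody
    ever sees another holder's share or the assembled private key."""
    xs, acc = [x for x, _ in shares], None
    for xi, yi in shares:
        lam = 1
        for xj in xs:
            if xj != xi:
                lam = lam * xj * pow(xj - xi, -1, N) % N  # Lagrange basis l_i(0)
        acc = ec_add(acc, ec_mul(lam * yi % N))  # point contributed by this holder
    return acc
```

`eth_address(ec_mul(1))` reproduces the well-known address of private key 1, which is a quick sanity check that both the curve arithmetic and the Keccak are right; `threshold_pubkey` on any 2 of 3 shares from `shamir_split(k, 2, 3)` equals `ec_mul(k)`, while a single share gives an unrelated point. Producing a signature from such shares requires the interactive protocols the text names, not a sum of points.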