Ask what the most frustrating thing about blockchains is and everyone may give a different answer, but one point is universally recognized: a leaked private key means stolen assets. One foundation of today's cryptocurrency blockchains is the mathematically generated key pair, a private key and the public key/address derived from it. The private key is the equivalent of our bank card plus its PIN. Once it leaks, an attacker can drain the funds within minutes, and the owner can do nothing about it. MPC "keyless" wallets may offer a way out.

In fact, the private key is one of the hurdles most people face in understanding blockchains. People used to centralized services know the account-plus-password model, and when funds are stolen their first instinct is to contact the wallet provider's customer service and ask whether anything can be done. A private key is generated from a random number, and the quality of that randomness is everything: software cannot conjure randomness on its own, so what an ordinary program produces are pseudo-random numbers, stretched from whatever entropy the system can collect. For example, the paper-wallet generators people once used collected entropy from the user's mouse movements and derived a private key from it. That method has since fallen out of use.

Then there were brain wallets, in which the user derives the key from characters they type in, chosen to be easy to remember; some people used a line of Tang poetry or a Song lyric to generate a wallet. Because such phrases come from a guessable space, attackers could brute-force them and steal the assets, so brain wallets have also been abandoned.

Most wallet software today relies on the mnemonic method (BIP-39): 12 words that encode 128 bits of entropy plus a 4-bit checksum folded into the last word, which is the origin of the loose description "11 words plus one check word". There is also a 24-word form (256 bits of entropy plus an 8-bit checksum); the principle is the same. A mnemonic can additionally be protected with a passphrase, and the same set of words combined with different passphrases yields different seeds and therefore different wallet addresses. Support for passphrases varies across wallet software, so the feature is not widely used.
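To make the word-count and checksum arithmetic concrete, here is an added example (not code from the original article or from any wallet product) that turns raw entropy into BIP-39 word indices, re-checks the checksum, and derives the seed with and without a passphrase. The 2048-word English list is not embedded; only the fact that index 0 is "abandon" and index 3 is "about" is used, and the all-zero entropy below is a constructed input, not something a real wallet should ever use.

```python
import hashlib
import unicodedata

# Added example: BIP-39 mechanics without the wordlist. Each 11-bit index selects
# one word from the 2048-word list (index 0 = "abandon", index 3 = "about").


def entropy_to_indices(entropy):
    """Split entropy || checksum into 11-bit word indices (BIP-39)."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 16..32 bytes in 4-byte steps")
    cs_bits = ent_bits // 32                        # 4 bits for 128-bit entropy, 8 for 256
    digest = hashlib.sha256(entropy).digest()
    checksum = int.from_bytes(digest, "big") >> (256 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11            # 132 bits -> 12 words, 264 -> 24
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def indices_valid(indices):
    """Recompute the checksum from the word indices; True if the mnemonic is well-formed."""
    n_words = len(indices)
    if n_words not in (12, 15, 18, 21, 24):
        return False
    total_bits = n_words * 11
    cs_bits = total_bits // 33                      # 12 words -> 4, 24 words -> 8
    ent_bits = total_bits - cs_bits
    combined = 0
    for idx in indices:
        if not 0 <= idx < 2048:
            return False
        combined = (combined << 11) | idx
    checksum = combined & ((1 << cs_bits) - 1)
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = int.from_bytes(hashlib.sha256(entropy).digest(), "big") >> (256 - cs_bits)
    return checksum == expected


def mnemonic_to_seed(mnemonic, passphrase=""):
    """BIP-39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase.

    A different passphrase gives a different 64-byte seed, hence different addresses.
    """
    mnemonic = unicodedata.normalize("NFKD", mnemonic)
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", mnemonic.encode("utf-8"),
                               salt.encode("utf-8"), 2048, dklen=64)


if __name__ == "__main__":
    # Constructed input: 16 zero bytes. The checksum nibble works out to 3, so the
    # mnemonic is eleven times "abandon" followed by "about".
    indices = entropy_to_indices(bytes(16))
    print(indices, indices_valid(indices))
    words = " ".join(["abandon"] * 11 + ["about"])
    print(mnemonic_to_seed(words).hex())
    print(mnemonic_to_seed(words, "TREZOR").hex())
```

The checksum is why a mnemonic with one mistyped word is rejected by wallets almost always but not quite always: for 12 words only 4 bits of checksum exist, so roughly one wrong word in sixteen still passes.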

Currently, multi-signature wallets are the more common choice for teams managing assets. With a 2-of-3 multi-signature wallet, for example, three private keys are generated and held by different parties, and a transfer needs signatures from any two of them. On Ethereum this takes the form of a contract deployed on chain that holds the funds and enforces the signing rule; such a wallet is also called a smart contract wallet.

For security reasons, hardware wallets were invented to keep private keys and mnemonics from ever being exposed to an online device, but they still rely on the same model: a private key or mnemonic derived from a random number. In Web3 this category is called EOA (externally owned account) wallets, for example MetaMask (software EOA) and Ledger (hardware EOA).

Smart Contract Wallet and MPC Wallet

A smart contract wallet is a wallet that deploys a contract on chain, such as Argent (single-signature smart contract wallet) or Gnosis Safe Multisig (multi-signature smart contract wallet). With Argent, for example, a brand-new wallet can receive funds as normal, but before it can send anything out it must first execute a transaction that activates (deploys) the wallet contract; only then can it send assets.

In the figure, "handle deposit" refers to assets arriving across the chain (the wallet receiving assets), while "Account create" and "transfer" refer to creating the wallet and sending funds out.

The other kind is the MPC wallet mentioned above, such as ZenGo and Web3Auth. MPC stands for multi-party computation, a branch of privacy-preserving computation that sits on the same track as TEEs and ZK (zero-knowledge) proofs, although the three have different application focuses. In an MPC wallet the private key is never assembled: it exists only as shares held by different parties, and signing is a joint computation over those shares, so the complete key can stay invisible throughout. This differs from a multi-signature wallet, where each signer holds a complete, fixed private key of their own and the wallet checks the combination of their signatures. In an MPC wallet no fixed, complete private key is ever produced, and the shares can be periodically refreshed (re-randomized so that shares from before and after a refresh cannot be combined). A single share below the threshold is useless to an attacker on its own, and a share stolen before a refresh is useless afterwards. This removes the limitation of a single private key, and for B-side (business) users it also allows more flexible custody arrangements.
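The threshold and refresh properties described above can be shown with a small added example (not code from ZenGo, Web3Auth or any other product): 2-of-3 Shamir secret sharing over the secp256k1 group order, plus a proactive refresh in which every party contributes a sharing of zero. A real threshold-signature scheme never calls a reconstruct function, since the key must never be assembled; it is included here only so the shares can be checked. The secret and party identifiers are constructed test values.

```python
import secrets

# Added example: threshold key shares and proactive refresh, illustrated with
# Shamir secret sharing over the secp256k1 group order (a prime, so division works).
# Real MPC/TSS wallets sign with the shares directly; reconstruct() is for checking only.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def split(secret, threshold=2, shares=3):
    """Return {party_id: share} for a random polynomial with constant term `secret`."""
    coeffs = [secret % N] + [secrets.randbelow(N) for _ in range(threshold - 1)]
    return {x: sum(c * pow(x, k, N) for k, c in enumerate(coeffs)) % N
            for x in range(1, shares + 1)}


def reconstruct(points):
    """Lagrange interpolation at x = 0 from {party_id: share}. Needs >= threshold points."""
    secret = 0
    for xi, yi in points.items():
        num = den = 1
        for xj in points:
            if xj != xi:
                num = num * (-xj) % N
                den = den * (xi - xj) % N
        secret = (secret + yi * num * pow(den, -1, N)) % N
    return secret


def refresh(shares, threshold=2):
    """Proactive refresh: every party deals a sharing of 0; each share adds up its pieces.

    The polynomial (hence every share) changes while the secret at x = 0 does not,
    so a share captured before the refresh cannot be combined with shares after it.
    """
    n = len(shares)
    zero_sharings = [split(0, threshold, n) for _ in range(n)]      # one per party
    return {x: (s + sum(z[x] for z in zero_sharings)) % N for x, s in shares.items()}


if __name__ == "__main__":
    key = secrets.randbelow(N)                  # constructed: a fresh secp256k1 scalar
    old = split(key)                            # 2-of-3
    new = refresh(old)
    print("any two new shares recover the key:", reconstruct({1: new[1], 3: new[3]}) == key)
    print("old + new share mixed recover the key:", reconstruct({1: old[1], 2: new[2]}) == key)
```

Because the refresh only re-randomizes the polynomial, the public key stays the same and no on-chain action is needed; the shares a party held yesterday are simply worthless today.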

On Ethereum a multi-signature wallet is a smart contract deployed on chain, so we treat it as a contract wallet, whereas the verification in an MPC wallet happens off chain: the parties jointly produce an ordinary signature, and no smart contract is involved. This matters in two ways. First, smart contract wallets do not carry across chains: an EOA address is the same on ETH, Polygon, BSC and so on, but a multi-signature contract wallet exists only on the chain it was deployed to, and deploying it on another chain generally yields a different address unless deterministic deployment is used. Second, every interaction with a smart contract wallet runs extra contract logic and therefore costs more gas; an MPC wallet, whose address behaves like an EOA, does not incur this overhead.

MPC wallets are not yet widely used, but they are attracting a great deal of attention; products and solutions such as unipass, bitizen, zengo, fireblocks and web3auth are all built on MPC.

Overall, the MPC wallet is a new way of keeping a wallet, often described as the next generation of wallet asset management. Combined with scenarios such as Web3 DApp wallet login, it will gradually become mainstream, and the key-management problems that plague users may finally come to an end.