MPC-based threshold signature scheme
Multi-party computation is a subfield of cryptography that started with Yao's millionaires’ problem in 1982. In MPC, a set of parties that do not trust each other try to jointly compute a function over their inputs, and it is guaranteed that each party only obtains its own computational results, and the input and output data of any other party cannot be inferred from the interaction data during the computation.
There are three main properties of multi-party computation :
1. Correctness: the parties involved in multi-party computing initiate computation tasks and perform collaborative computation through an agreed secure multi-party computation function. The output produced by and algorithm is correct ( as expected).
2. Privacy: each party must ensure that their secret inputs are independent and that no local data is disclosed during the computation.
3. Decentralization: a decentralized computing model is offered with total equal of each participant, and no privilege for any participant or third party.
The MPC-based threshold signature scheme divides the private key into many "fragments" in some way, and these fragments are held by multiple parties. When a signature is needed, the multi-party computation ensures that these fragments can directly generate a legitimate signature without putting them together. "No need to put it all together" means that the real private key is never and does not need to appear.
Threshold Signature Scheme (TSS) vs Multi-signature
TSS and Multisig may seem very similar in that they both enable a multi-person management model for digital assets, but they are different in practice.
Technically speaking, TSS is done off-chain, while Multisig happens on-chain and requires the chain itself to implement some mechanism to support it. For example, we know that Bitcoin implements Multisig through scripts, and Ethereum through smart contracts. TSS are based on cryptography and do not depend on a specific chain. Even for some chains that do not support Multisig, such as NEO, TSS can be used for multi-person management purposes.
Secondly, the transactions generated by TSS look no different from ordinary ones, and on the chain, others cannot distinguish whether it is signed by one person or multiple people behind it, because its form and appearance is one signature, which is the same as signing out directly with the private key. This makes TSS have better privacy than Multisig, and the signer's information will not appear in the on-chain transaction.
TSS is also better than Multisig in terms of security. It is well known that there have been incidents of multisig smart contracts being hacked due to vulnerabilities on ethereum resulting in theft of assets. TSS is independent of the chain, so it circumvents the possible vulnerability of the chain itself.
Multi-party Computation (MPC) vs Secret Sharing
The concept of secret sharing was first introduced independently by Shamir and Blakley in 1979 with their respective schemes. Shamir's ( t, n) threshold scheme is implemented based on Lagrange interpolation, and Blakley's ( t, n) threshold scheme is built using the properties of multidimensional space points.
Secret sharing can also be implemented by splitting the private key into multiple shares for threshold signature scheme, but differs from threshold signature scheme based on multi-party computation in two ways.
1. Secret sharing is to have one of the parties generate the private key and then split and distribute the private key to other participants, and the private key has the risk of single point exposure at the time of generation.
2. When doing signing, the secret-sharing based scheme also needs to recover the private key before completing the signing, which also has the risk of single point of exposure.
While in the multi-party computation-based scheme, the private key never appears, which is more secure than the secret-sharing based scheme.
Jade Wallet's use of Threshold Signature Scheme (TSS) technology based on Multi-Party Computation (MPC) offers users the complete control over their digital assets and reduces management risks. We want to leverage advanced and innovative technologies to provide a more user-friendly and secure experience for blockchain.