
Why Levain Chose Multi-Sig for its Self-Custody Wallet

  • August 3, 2023


In the world of digital assets, two common methods are deployed for self-custody: Multi-Party Computation (MPC) and multi-signature (multi-sig). 

Between the two, which is the better self-custody method?

The answer ultimately depends on your institution’s priorities. While MPC focuses on operational efficiency and flexibility, multi-signature heavily emphasizes provability to safeguard digital assets from external compromise. Through the principle of provability, multi-signature empowers institutions with complete control and oversight over their digital assets.

At Levain, provability comes before every other aspect of digital asset custody, and it is only achievable with multi-signature technology. This is why we have chosen multi-sig for our institutional self-custody wallet solution.

This article examines the nuances of each wallet model before diving into the reasons behind Levain’s choice to deploy multi-signature.

 

MPC: Off-chain to boost efficiency

As mentioned, MPC prioritizes operational efficiency and cross-chain support for multiple blockchains. These features are responsible for popularizing MPC in the self-custody space, which began in 2018 when custody providers sought an institutional approach to digital asset custody.

The initial idea was to go “keyless,” where one private key (controlling one single-signature address) is "sharded" into three or more fragments. These key shards are then distributed to different stakeholders. During the signing process, key shards are used to generate signature shards, where the signature shards come together to form a collective valid signature to sign transactions.

As these shards come together off-chain, they do not need to be integrated with every blockchain. In turn, this means that MPC enables users to efficiently expand their operations, which ties back to MPC’s roots as an engineering tool of convenience to facilitate cross-chain access via a single-signature address.

For a detailed explanation of how MPC works, read our article on the design models of cryptocurrency wallets.

 

Multi-Signature: On-chain, thus provably secure

Unlike MPC, multi-signature features an on-chain transaction process that requires separate integrations for each blockchain. While the on-chain nature of multi-signature does limit its operational efficiency, this also translates into true, provable self-custody for institutions.

In turn, multi-signature equips institutions with absolute control and oversight over their digital assets across all stages of the custody life cycle, where no third party can gain access at any point:  

  1. Initial generation of the private key material that holds the digital asset: individual parties independently generate their own private keys, which collectively manage the shared wallet
  2. Creation of the multi-sig wallet on-chain
  3. Process of transacting with the digital asset 

Institutions benefit from enhanced transparency as the entire transaction process is verifiable on-chain. Each private key generates one signature, and M of N signatures are needed to sign any transaction. This all occurs on-chain and is fully verifiable.

This is unlike MPC, where the signature consensus happens off-chain, which prevents users from verifying the transaction's authenticity and the identities of the signees. In essence, the signature shards unite off-chain but are executed on-chain.

Furthermore, multi-signature ensures that the institution fully owns the keys and that they are kept offline for security purposes. MPC requires that the key shards remain perpetually online, ready to sign transactions according to the platform’s instructions.
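The M-of-N check described above, as an added example (not Levain's code and not any blockchain's actual verifier): a 2-of-3 quorum re-verified from public data only, counting each registered key once and reporting which keyholders signed. Ed25519 from Go's standard library stands in for a chain's own signature scheme; the `Wallet` and `Approval` types, the key names and the transaction bytes are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Wallet is a constructed stand-in for an on-chain M-of-N wallet: public keys plus threshold M.
type Wallet struct {
	Threshold int
	Keys      map[string]ed25519.PublicKey
}

type Approval struct {
	Signer string // name of a registered key
	Sig    []byte // signature over the exact transaction bytes
}

// VerifyQuorum returns the distinct registered keys that validly signed tx, using public data only.
func (w Wallet) VerifyQuorum(tx []byte, approvals []Approval) (signers []string, met bool) {
	seen := map[string]bool{}
	for _, a := range approvals {
		if pub, ok := w.Keys[a.Signer]; ok && !seen[a.Signer] && ed25519.Verify(pub, tx, a.Sig) {
			seen[a.Signer] = true // a key counts once, however often it signs
			signers = append(signers, a.Signer)
		}
	}
	return signers, len(signers) >= w.Threshold
}

// NewDemoWallet builds a 2-of-3 wallet with fresh keys and returns a signing helper (sample data).
func NewDemoWallet() (Wallet, func(name string, tx []byte) Approval) {
	w := Wallet{Threshold: 2, Keys: map[string]ed25519.PublicKey{}}
	privs := map[string]ed25519.PrivateKey{}
	for _, name := range []string{"key-1", "key-2", "co-signer"} {
		pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
		if err != nil {
			panic(err)
		}
		w.Keys[name], privs[name] = pub, priv
	}
	return w, func(n string, tx []byte) Approval { return Approval{n, ed25519.Sign(privs[n], tx)} }
}

func main() {
	w, sign := NewDemoWallet()
	tx := []byte("constructed tx: pay 1.0 to placeholder-address")
	signers, met := w.VerifyQuorum(tx, []Approval{sign("key-1", tx), sign("co-signer", tx)})
	fmt.Println("valid signers:", signers, "quorum met:", met)
}
```

The same key signing twice, a signature over different transaction bytes, or a signature attributed to the wrong key all leave the quorum unmet.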

 

[Image: table comparing multi-sig and MPC]

 

While multi-signature stands out for its unrivaled provability and security, it does come with one downside: loss of efficiency. As approvals occur on-chain, multi-signature wallets must be individually integrated with every blockchain, and each one may have different implementation requirements. This is a laborious process requiring time.

This sets multi-signature apart from MPC, where the off-chain approval process makes it blockchain-agnostic to accommodate faster integrations. However, MPC’s uptick in efficiency comes at the cost of provability.

The upside is that multi-signature transactions are purposefully signed by every keyholder. Keyholders can independently verify the transaction and its intent before signing it, and unlike MPC, this can be performed asynchronously.

MPC participants are involved in multi-stage active signing processes without context, which are carried out in real time. This means that no verification is done before the signing process is finalized.

 

Is MPC safe? MPC uses a centralized policy engine

MPC has thus far been established to be efficient and interoperable. But what about its security? A closer look at MPC may shed light on the matter.

After the private key is split, the MPC system distributes the shards across many servers. All these servers must always remain online and active, rendering passive signings impossible. 

To manage the servers, the MPC provider builds a centralized policy engine (or microservice) that issues instructions to every server. This policy engine doubles as the user interface that approved users use to initiate and approve transactions.

When the policy engine approves a transaction, it relays the instruction to sign it to the servers. The servers sign the transaction before transferring it to the blockchain, where it appears as a single-signature address.

Throughout the process, the servers have no visibility over what occurs within the policy engine. They also do not question the validity of the transactions relayed to them, simply approving them before transferring them to the blockchain.

What does this demonstrate about MPC? In essence, the system prioritizes efficiency and interoperability over security and transparency. To illustrate, consider the recent case of Multichain, where users abruptly lost access to their funds when the major blockchain bridging platform’s CEO Zhaojun was arrested.

According to a Twitter thread by Multichain, the incident resulted from the company's use of at least one MPC-based address to manage its assets. Zhaojun had used his personal cloud server account to run all the MPC node servers, which meant no one else had access to Multichain's servers and funds; his arrest also locked the global Multichain team out of its operational access keys.

After carefully considering how MPC works, Levain chose multi-signature as it prioritizes provable security for the institutional self-custody of digital assets.

 

Why Levain uses multi-signature over MPC

While MPC focuses on operational efficiency and interoperability, multi-signature prioritizes provability. Designed to meet institutions' internal risk and control requirements, multi-signature eliminates the single point of failure by distributing multiple private keys to different parties. 

Specific to Levain, our multi-signature solution utilizes a 2-of-3 quorum, where the institution fully owns and controls enough private keys to move funds. The institution is also responsible for encrypting the keys via a unique password of its choosing.

In this setup, two keys (one encrypted and one managed by Levain as a co-signer) actively govern transactions. Decrypting the encrypted key is necessary to sign off on any transaction, which is executed only when the necessary approvals are obtained from every stakeholder.

The process is completely provable, further empowering institutions with control and oversight over their digital assets. Levain’s powerful provable model grants institutions unrivaled transparency, enabling them to verify and audit the entire custody process from start to finish.

Talk to us and learn more about how Levain empowers your institution with multi-signature. Reach out here.
