Crypto rug pulls

Crypto rug pulls

by with No Comment Cybersecurity basics
1.

What is a rug pull in cryptocurrency?

A rug pull is a type of crypto scam that occurs when a team pumps their project’s token before disappearing with the funds, leaving their investors with a valueless asset. 

Rug pulls happen when fraudulent developers create a new crypto token, pump up the price and then pull as much value out of them as possible before abandoning them as their price drops to zero. Rug pulls are a type of exit scam and a decentralized finance (DeFi) exploit.

Before learning how to spot a rug pull in crypto and why crypto rug pulls happen, it helps to understand the three different types of rug pulls.

2.

What are the various types of rug pulls?

There are three main types of rug pulls in crypto: liquidity stealing, limiting sell orders and dumping. 

What are the various types of rug pulls?
What are the various types of rug pulls?

Liquidity stealing occurs when token creators withdraw all the coins from the liquidity pool. Doing so removes all the value injected into the currency by investors, driving its price down to zero.

These “liquidity pulls” usually happen in DeFi environments. A DeFi rug pull is the most common exit scam.

Limiting sell orders is a subtle way for a malicious developer to defraud investors. In this situation, the developer codes the tokens so that they’re the only party that is able to sell them.

Developers then wait for retail investors to buy into their new crypto using paired currencies. Paired currencies are two currencies that have been paired for trading, with one against the other. Once there is enough positive price action, they dump their positions and leave a worthless token in their wake.

The Squid Token scam exemplifies rug pulls of this kind.

Dumping occurs when developers quickly sell off their own large supply of tokens. Doing so drives down the price of the coin and leaves remaining investors holding worthless tokens. “Dumping” usually occurs after heavy promotion on social media platforms. The resulting spike and sell-off are known as a Pump-and-Dump Scheme.

Dumping is more of an ethical gray area than other DeFi rug pull scams. In general, it’s not unethical for crypto developers to buy and sell their own currency. “Dumping,” when it comes to DeFi cryptocurrency rug pulls, is a question of how much and how quickly a coin is sold.

3.

Hard pulls vs soft pulls

Rug pulls come in two forms: hard and soft. Malicious code and liquidity stealing are hard pulls, whereas soft pulls refer to dumping an asset. 

Rug pulls can be “hard” or “soft.” Hard rug pulls occur when project developers code malicious backdoors into their token. Malicious backdoors are hidden exploits that have been coded into the project’s smart contract by the developers. The intent to commit fraud is clear from the get-go. Liquidity stealing is also considered a hard pull.

Soft rug pulls refer to token developers dumping their crypto assets quickly. Doing so leaves a severely devalued token in the hands of the remaining crypto investors. While dumping is unethical, it may not be a criminal act in the same way that hard pulls are.

4.

Are crypto rug pulls illegal?

Crypto rug pulls are not always illegal, but they are always unethical. 

Hard rug pulls are illegal. Soft rug pulls are unethical, but not always illegal. For example, if a crypto project promises to donate funds but chooses to keep the money instead, that’s unethical but not illegal. Either way, like most fraudulent activities in the crypto industry, both types can be challenging to track and prosecute.

The collapse of the Turkish cryptocurrency exchange Thodex is a prime example of a rug pull in crypto. The $2 billion dollar theft was one of the biggest crypto rug pulls of 2021. It is also one of the largest centralized finance (CeFi) exit scams in history.

Although Turkish police detained 62 people during its investigation of the major scam, the whereabouts of the alleged perpetrator remains unknown.

Other recent examples of protocols that have suffered this type of crypto rug pull include Meerkat Finance, AnubisDAO, Compounder Finance and Uranium Finance.

5.

How to avoid a rug pull in crypto?

There are several clear signs that investors can watch out for to protect themselves from rug pulls such as the liquidity not being locked and no external audit having been conducted. 

The following are six signs users should watch out for to protect their assets from crypto rug pulls.

Unknown or anonymous developers

Investors should consider the credibility of the people behind new crypto projects. Are the developers and promoters known in the crypto community? What is their track record? If the development team has been doxxed but isn’t well known, do they still appear legitimate and able to deliver on their promises?

Investors should be skeptical of new and easily faked social media accounts and profiles. The quality of the project’s white paper, website, and other media should offer clues about the project’s overall legitimacy.

Anonymous project developers could be a red flag. While it’s true that the world’s original and largest cryptocurrency was developed by Satoshi Nakamoto, who remains anonymous to this day, times are changing.

No liquidity locked

One of the easiest ways to distinguish a scam coin from a legitimate cryptocurrency is to check if the currency is liquidity locked. With no liquidity lock on the token supply in place, nothing stops the project creators from running off with the entirety of the liquidity.

Liquidity is secured through time-locked smart contracts, ideally lasting three to five years from the token’s initial offering. While developers can custom-script their own time locks, third-party lockers can provide greater peace of mind.

Investors should also check the percentage of the liquidity pool that has been locked. A lock is only helpful in proportion to the amount of the liquidity pool it secures. Known as total value locked (TVL), this figure should be between 80% and 100%.

Limits on sell orders

A bad actor can code a token to restrict the selling ability of certain investors and not others. These selling restrictions are hallmark signs of a scam project.

Since selling restrictions are buried in code, it can be difficult to identify whether there is fraudulent activity. One of the ways to test this is to purchase a tiny amount of the new coin and then immediately attempt to sell it. If there are problems offloading what was just purchased, the project is likely to be a scam.

Skyrocketing price movement with limited token holders

Sudden massive swings in price for a new coin should be viewed with caution. This unfortunately rings true if the token has no liquidity locked. Substantial price spikes in new DeFi coins are often signs of the “pump” before the “dump.”

Investors skeptical about a coin’s price movement can use a block explorer to check the number of coin holders. A small number of holders makes the token susceptible to price manipulation. Signs of a small group of token holders could also mean that a few whales can dump their positions and do severe and immediate damage to the coin’s value.

Suspiciously high yields

If something sounds too good to be true, it probably is. If the yields for a new coin seem suspiciously high but it doesn’t turn out to be a rug pull, it’s likely a Ponzi scheme.

When tokens offer an annual percentage yield (APY) in the triple digits, although not necessarily indicative of a scam, these high returns usually translate to equally high risk.

No external audit

It is now standard practice for new cryptocurrencies to undergo a formal code audit process conducted by a reputable third party. One notorious example is Tether (USDT), a centralized stablecoin whose team had failed to disclose that it held non-fiat-backed assets. An audit is especially applicable for decentralized currencies, where default auditing for DeFi projects is a must.

However, potential investors shouldn’t simply take a development team’s word that an audit has taken place. The audit should be verifiable by a third party and show that nothing malicious was found in the code.

Spotting a crypto rug pull scam: It takes some digging

In 2021, an estimated $7.7 billion was stolen from investors in rug pull cryptocurrency scams. These investors trusted that they were investing in legitimate projects, only to have the rug pulled from beneath their feet.

Before investing, it’s worth taking the time to research new cryptos and to do one’s due diligence before investing in a new project.

MPC Multi-Party Computation

What is MPC (Multi-Party Computation)?

by with No Comment Blockchain and cryptocurrency basicsCybersecurity basics

“Not your keys, not your coins” has resulted in over $100 billion lost or stolen since the early 2010s, specifically because of private key mismanagement. Clinging to this ‘golden rule’ will fail to onboard the next 1 billion into a bankless, self-empowered Web3. Secure crypto technologies like MPC are the hybrid solution for an overwhelming majority of new and current users, offering optimal tradeoffs between security, self-custody, recoverability, and interoperability.

Not Your Keys Not Your Crypto? Outdated.

The mantra of “not your keys not your crypto” is as powerful today as it was in 2017. But the result? Lost and stolen seed phrases, misplaced private keys, stress for new users, and a flight to CeFi exchanges and ‘crypto banks.’

An estimated $100 billion dollars of Bitcoin (just Bitcoin) has been lost forever, because of private key mismanagement.

As a community, crypto has been dogmatically clinging to a purported “private key gold standard,” more obsessed about the technology than providing what people actually need. MPC is a solution that already exists, recently championed by companies like Coinbase and ZenGo.

Simple and secure MPC technology is already being used at the institutional level – companies like Fireblocks are helping custody billions of dollars of cryptoassets with MPC cryptography. It’s time average users get the same bulletproof security as the big players, and developers understand the security benefits of MPC to onboard more crypto users.

The false dichotomy: Centralized Exchanges v. Non-Custodial Wallets

For years the status-quo perpetuated a dangerous misconception: There are only 2 ways to store crypto. This false dichotomy is why so many potential crypto-enthusiasts haven’t started to get involved in the ecosystem.

Option 1: Exchanges

Custody cryptoassets in a centralized exchange, giving up your freedom, control, and on-chain access in return for relative security, simplicity, and comfort knowing someone else will worry about secure crypto storage.

Option 2: Self-custody with Private Keys

Use an on-chain crypto wallet with private keys, rendering assets vulnerable to scammers, hacks, lost or misplaced keys – but knowing you have ultimate control over your crypto: to store, HODL, or lose…

There’s actually a better way: A hybrid solution in the form of a type of cryptography called MPC, or multi-party computation.

What is MPC and how does it work?

MPC stands for Multi-Party Computation. This is a type of cryptographic technology.

Leveraging MPC, wallets (and institutions) can securely design an on-chain asset management system that makes recovery easier, while simultaneously increasing secure self-custody by removing the single point of failure of a private key.

At a basic level, MPC (within the cryptographic world of threshold signatures) allows 2 (or more) parties to securely input information into a system and activate (or unlock) an outcome > without any party being able to see the inputs of the others.

This makes it possible to design a crypto wallet that uses multiple parties to backup or restore a user’s funds > while keeping the funds in the user’s custody at all times.

This design offers a number of advantages:

  • Easy to recover
  • No single point of failure for phishing
  • Entirely user controlled

Why MPC is a better user experience than a “seed phrase” wallet

This type of recovery is immediately more familiar and far less scary for the majority of people. Almost everyone who has created an account of any kind online knows how to recover their login using an email, trusted contact, cloud backup, or their biometric scan.

This is why these types of recoverability are crucial for bringing new people into crypto systems. Implementing familiar solutions for recovery will allow more people to feel comfortable using crypto.

Once in the ecosystem, some will want different types of security or options with a low centralization risk. There is nothing preventing anyone from using multiple wallets once they have started using crypto. In fact, it is encouraged to use more than 1 wallet when storing cryptoassets.

There is, however, a HUGE barrier to entry with the majority of wallets for the majority of people: Seed phrases.

Having a single phrase that can move the entire contents of an account in an instant can be scary. Some people are willing to rely fully on themselves to keep something this important safe. Most people are not.

Having a path to enter crypto for the first time, try applications, and hold assets where users DON’T have to worry about a seed phrase is CRITICAL for the next 1 Billion people to join the world of #Web3.

MPC Wallets do not use seed phrases

MPC wallets like ZenGo replace the traditional private key with two independently created mathematical “secret shares.” One share is stored on your mobile device and the other on the ZenGo server.

With no single point of failure, even if something happens to one of the shares, no one can access your crypto but you.

Learn more about MPC: Threshold Signature Scheme (TSS):

To understand the type of cryptography behind MPC it’s helpful to learn about TSS (Threshold Cryptography) which is a subfield of MPC.

In TSS cryptography, cryptographic operations are defined with a threshold assumption in mind – it is assumed that at least a threshold of the parties involved in the computation are acting honestly and not controlled by an attacker at the same time. It could be two parties, or more. Learn more about TSS here.

MPC Cryptography is gaining adoption

While ZenGo was the 1st crypto wallet to support MPC for consumers, companies like Fireblocks have been managing billions of dollars of assets for some of the world’s leading crypto institutions for years. Coinbase recently announced support for an MPC-powered Dapp browser inside of their custodial crypto wallet.

As MPC offers the optimal balance between on-chain self-custody, wallet security and crypto recoverability, it is only a matter of time until MPC becomes widely adopted.

FAQ: MPC Crypto Wallet

Q: How does MPC (Multi-Party Computation) work?
A: MPC works by splitting the traditional private keys into multiple pieces, distributing them in multiple places to ensure no one person has full access to the traditional private key. The major advantage here is that the private key is always used in a distributed manner.

When a transaction signature is required, the parties involved (in ZenGo there are two: the ZenGo server and the user’s phone) in order to separately run a computation to make whatever you wanted to happen on the blockchain, well, happen! The best part of this process is no single entity can ever get access to any private key: There is no single point of vulnerability. Even if an attacker tried to get access to one of the two shares, they can’t access all of the ‘secret shares’ simultaneously, making your digital assets much safer than in the traditional private key architecture.

Q: Who uses MPC?
A: A number of billion-dollar institutions are using by MPC technology, including Fireblocks, Coinbase, and ZenGo.

Q: Is MPC new technology?
A: MPC technology is actually dozens of years old – initial development began in the 1980s – but applied MPC technology to crypto wallets is a relatively recent technological innovation in the last decade.

Q: Does MPC support many blockchains?
A: A major advantage of MPC, in addition to its security and recoverability benefits, includes the fact that it is chain-agnostic. Unlike multi-signature (MultiSigs) approaches which do not support every blockchain, MPC can be applied to many. ZenGo actively contributes to open-source MPC material on GitHub, learn more here.

More info for professionals:

If you’re in the institutional digital asset space, you’ve probably heard about MPC (multi-party computation). While MPC theory has been around since the early ’80s, it first entered the digital asset space just a few years ago; since then, MPC has become one of the primary technologies wallet providers and custodians are utilizing to secure crypto assets.

But what exactly is MPC? How does it work, and what benefits does it have? We’ll walk you through everything you need to know about the technology and its role in digital asset security today.

Let’s start with an introduction to cryptography in general to get a better understanding of MPC’s origins.

A (Very) Brief Introduction to Cryptography

The field of cryptography provides its users with a method for:

  • sending messages that only the intended receiver of the message will understand
  • preventing unauthorized third parties from reading them in case of interception
  • verifying the authenticity and integrity of digital messages from a known sender

Though cryptography stretches as far back as the ancient Egyptians, one of the most famous modern examples is the Enigma machine – a device used by the Germans to send encrypted messages during WWII which was finally cracked by the British mathematician, Alan Turing.

Whereas cryptography was once primarily the concern of government and military agencies, in the internet era cryptography plays an increasingly central role in the way we all transfer information.

While the idea behind cryptography can appear simple, the field does include some extremely complex math. In essence, messages are scrambled, or “encrypted,” by a secret recipe (or algorithm) that hides the information contained within it. This way, should the encrypted message be stolen or intercepted by a malicious or non-trusted third party, they will be unable to understand, see or alter the information the message holds. Instead, the only one who can read that message correctly is the one who knows how the message was encrypted and thus holds the key to unscramble, or “decrypt,” it.

Encrypted Message: HZZO HZ VO OCZ KJNO JAADXZ

Secret Algorithm: *use the letter which is five letters preceding the ‘real message’ letter*

ABCDEFGHIJKLMNOPQRSTUVWXYZ

Decrypted Message: MEET ME AT THE POST OFFICE

This ‘Caesar cipher’ utilizes very simple math to demonstrate the concept of encryption. However, it is known to be broken. To securely encrypt information, more advanced math is required.

In the world of blockchain, the “message” being transferred is a digital asset, and the “key” to that digital asset is essentially the decryption tool used to receive that digital asset.

That key itself – known as the “private key,” as access to a digital asset requires both a publicly known cryptographic key and a related private one – must be kept safe, as anyone who knows the private key can move the asset to their own wallet. This is where MPC comes in: it’s one of the most powerful tools for protecting private keys.

How does MPC (multi-party computation) work?

In a general sense, MPC enables multiple parties – each holding their own private data – to evaluate a computation without ever revealing any of the private data held by each party (or any otherwise related secret information).

The two basic properties that a multi-party computation protocol must ensure are:

  • Privacy: The private information held by the parties cannot be inferred from the execution of the protocol.
  • Accuracy: If a number of parties within the group decide to share information or deviate from the instructions during the protocol execution, the MPC will not allow them to force the honest parties to output an incorrect result or leak an honest party’s secret information.

In an MPC, a given number of participants each possess a piece of private data (d1, d2, …, dN). Together, the participants can compute the value of a public function on that private data: F(d1, d2, …, dN) while keeping their own piece of data secret.

For example, let’s imagine three people, John, Rob, and Sam, want to find out who has the highest salary without revealing to each other how much each of them makes – this is actually a classic example of MPC, known as The Millionaire’s Problem. Using simply their own salaries (d1, d2, and d3), they want to find out which salary is the highest and not share any actual numbers with each other. Mathematically, this translates to them computing:

F(d1,d2,d3) = max(d1,d2,d3)

If there were some trusted third party (i.e. a mutual friend who they knew could keep a secret), they could each tell their salary to that friend and find out which of them makes the most, AKA F(d1,d2,d3), without ever learning the private info. The goal of MPC is to design a protocol, where, by exchanging messages only with each other, John, Rob, and Sam can still learn F(d1,d2,d3) without revealing who makes what and without having to rely on an external third party. They should learn no more by engaging in the MPC than they would have by interacting with their trustworthy mutual friend.

History and Applications of MPC

MPC’s (multi-party computation) initial development began in the ’80s – a fairly recent breakthrough within the world of cryptography.

Up until that point, the majority of cryptography had been about concealing content; this new type of computation focused instead on concealing partial information while computing with data from multiple sources.

  • 1982 – Secure two-party computation is formally introduced as a method of solving The Millionaire’s Problem
  • 1986 – Andrew Yao adapts two-party computation to any feasible computation
  • 1987 – Goldreich, Micali, and Wigderson adapt the two-party case to multi-party
  • 1990s – Study of MPC leads to breakthroughs in areas including universal composability (pioneered by Fireblocks cryptography advisor Ran Canetti) and mobile security
  • 2008 – The first large-scale, practical application of multi-party computation – demonstrated in an auction – takes place in Denmark
  • Late 2010s – MPC is first utilized by digital asset custodians and wallets for digital asset security
  • 2019 – Debut of MPC-CMP, the first 1-round, automatic key-refreshing MPC algorithm

Today, MPC is utilized for a number of practical applications, such as electronic voting, digital auctions, and privacy-centric data mining. One of the top applications for MPC is for securing digital assets – and recently, MPC has become the standard for institutions looking to secure their assets while retaining fast and easy access to them.

Why is MPC becoming the standard for digital asset security?

To utilize your digital assets, you need a public key and a private key; your ability to safely hold and transfer the asset itself is only guaranteed as long as the private key is safe. Once that key is in someone else’s hands, they can transfer the assets to their own wallet. Therefore, preventing the theft of private keys is crucial to maintaining digital asset security.

Historically, there have been a few primary options for securely storing private keys. These options tend to fall into either hot, cold, or hardware based storage.

  • Hot Storage – Private key is held online
  • Cold Storage – Private key is held offline
  • Hardware Wallet – Private key is held offline on a physical device

While these tools were at one point the only options for digital asset storage, certain operational and security inefficiencies in each have led to the rise of new solutions, such as MPC. Importantly, MPC is strong for not only digital asset storage, but digital asset transfers, as well – and as the digital asset market has developed and grown, so has the need for a security tool that enables fast transfers and advanced business strategies.

Cold Storage

One way to reduce the exposure to digital asset loss is by storing funds in cold storage.

Cold storage enables a user to sign a transaction with their private keys in an offline environment. Any transaction initiated online is temporarily transferred to an offline wallet kept on a device such as an offline computer, where it is then digitally signed before it is transmitted to the online network. Because the private key does not come into contact with a server connected online during the signing process, even if an online hacker comes across the transaction, they would not be able to access the private key used for it.

However, there are several issues with cold storage:

  • For a contemporary digital asset business that’s actually trading assets with any frequency, it is too slow to trade from – often taking between 24 to 48 hours to make a transfer
  • It does not protect against deposit address spoofing or credential theft

Hardware Wallet

Another method of securely storing private keys is the hardware wallet. Hardware wallets are external devices where you store your private keys, such as a USB stick. Hardware wallets are resilient to malware, and if you happen to lose the wallet you’ll be able to recover the funds using a seed phrase. On the other hand, if you lose the seed phrase, there is no other way of recovering your bitcoin.

Like cold storage solutions, hardware wallet solutions lack the speed that today’s digital asset businesses require.

Hot Wallets

Alternatively, storing funds in a hot wallet is cumbersome due to error-prone copy-pasting of addresses, ever-changing whitelists, and constant 2FA rituals.

Some hot wallets utilize multisignature, or multisig, technology to divide private keys into multiple shares. Unfortunately, multi-sig is not protocol-agnostic (meaning it’s not compatible with all blockchains), and lacks the operational flexibility to support growing teams.

As a result, the best solution is one that offers both operational and institutional security requirements to store the private key safely while at the same time not hindering operational efficiency.

MPC for Private Key Security

With MPC, private keys (as well as other sensitive information, such as authentication credentials) no longer need to be stored in one single place. The risk involved with storing private keys in one single location is referred to as a “single point of compromise.” With MPC, the private key is broken up into shares, encrypted, and divided among multiple parties.

These parties will independently compute their part of the private key share they hold to produce a signature without revealing the encryption to the other parties. This means there is never a time when the private key is formed in one place; instead, it exists in a fully “liquid” form.

Ordinarily, when a single private key is stored in one place, a wallet’s owner would need to trust that the device or party that holds that private key is completely secure. Such a device could be an HSM or, less securely, a crypto exchange that essentially holds the customer’s private keys on their behalf.

However, these parties have proven themselves to be vulnerable. When an attacker only needs to succeed in hacking one point of compromise to steal a private key, it leaves the digital assets that key unlocks wide open to theft.

MPC does away with this problem, as the private key is now no longer held by any one party at any point in time. Instead, it is decentralized and held across multiple parties (i.e. devices), each blind to the other. Whenever the key is required, MPC is set in motion to confirm that all parties, or a predetermined number of parties out of the full set, approve of the request.

With MPC technology in play, a potential hacker now has a much harder task ahead of them. To gain control over a user’s wallet, they now need to attack multiple parties across different operating platforms at different locations simultaneously.

The MPC solution then solves the problem of secure key storage. As the key no longer resides in one single place, it also allows more personnel to access a wallet without the risk of any of them turning rogue and running off with the digital assets it contains.

In addition, with the private key completely secure, users can now hold their assets online and no longer need cumbersome cold-storage devices. This means that transferring digital assets is now more fluid and no compromise is required between security and operational efficiency.

Types of MPC Algorithms

Given its inherent properties MPC, in and of itself, is a powerful tool for securing digital assets. However, not all MPC algorithms are created equal. Today, many institutions that are using MPC employ algorithms such as Gennaro and Goldfeder’s algorithm (MPC-GG18); while protocols like this one are still considered the industry standard by many, it doesn’t reach as high of a level of efficiency, security, or operational flexibility as certain new MPC algorithms are able to achieve.

To effectively run a profitable digital asset business in today’s ever-changing market or execute high-volume withdrawal requests for a large retail customer base, financial institutions (such as exchanges, lending providers, and banks) require instant and secure access to funds.

However, due to a complex regulatory environment, many of these institutions are forced to operate with secure but slow cold storage solutions. So, the compatibility of an algorithm with cold storage is another important factor to consider when evaluating MPC algorithms.

The Gennaro and Goldfeder MPC Algorithm

Gennaro and Goldfeder’s algorithm is currently one of the top MPC algorithms available, and many institutions that protect their private data using MPC utilize this algorithm.

However, with Gennaro and Goldfeder’s algorithm, the communication latency between the MPC-shares (the devices that hold the key shares) doesn’t reach the highest level of efficiency – as it requires users to wait for transactions to undergo up to 9 signature rounds.

In addition, Gennaro and Goldfeder’s algorithm doesn’t offer any flexibility for institutions that need to use cold storage.

The Lindell et al. MPC Algorithm

Lindell et al. offers a slight decrease in the number of transactions that need to be signed from Gennaro and Goldfeder, at 8. However, this still doesn’t reach the level of operational efficiency necessary for today’s markets.

Like Gennaro and Goldfeder, Lindell et al. does not offer support for cold storage.

The Doerner et al. MPC Algorithm

Doerner et al.’s MPC algorithm accomplishes a threshold using just 6 signatures. Yet, again, the level of efficiency that’s possible with today’s technology is still higher than this.

And like the previous two algorithms, Doerner et al. can’t provide solutions for institutions that are looking to use cold storage in tandem with MPC.

MPC-CMP: The Newest Innovation in MPC

Building off of the groundwork laid by Gennaro and Goldfeder, the Fireblocks cryptography team (in collaboration with Professor Ran Canetti, the founder of the universal composability security model) recently developed and released a new algorithm, MPC-CMP. MPC-CMP enables digital asset transactions to be signed in just 1 round, meaning that it offers the fastest transaction signing speeds of any MPC algorithm by 800%. 

MPC-CMP also solves the challenges faced by businesses looking to use cold storage in tandem with MPC by allowing hot and cold key signing mechanisms – with at least one key share stored offline in an air-gapped device.

This introduces new configuration possibilities for institutions in regions with specific regulations around cold storage and strengthens the security of MPC-based wallets by adding a key refresh mechanism (minutes-long intervals). While traditional cold wallets require physical proximity and trust for certain employees to operate these wallets without making an error or acting maliciously, MPC-CMP operationalizes cold wallets – creating a solution for today’s high-paced crypto markets.

With the new algorithm, we’ve introduced a new security feature that ensures MPC key shares are automatically refreshed in minutes-long intervals. That means a malicious actor only has a few moments to steal all the key shards before the shares are refreshed and they have to start over – effectively adding a new layer of protection to our multi-layered security system.

MPC is open-source and peer-reviewed. We will not be applying for patents on MPC-CMP. That means all digital asset custodians and MPC vendors can access our new protocol and use it for free. In addition, the algorithm is universally composable, guaranteeing strong security properties for any implementation out-of-the-box. Universally composable cryptographic protocols are important to practical implications of new cryptography, as they remain secure even when arbitrarily composed with other protocols – and guarantee that even when multiple transactions are concurrently signed in parallel, security is not compromised.

Algorithm  Transaction Rounds Universally Composable Cold Storage Compatible Peer-Reviewed Open-Source
Gennaro and Goldfeder 9 No No Yes Yes
Lindell et al. 8 No No Yes No
Doerner et al. 6 No No Yes No
MPC-CMP 1 Yes Yes Yes Yes 

What’s next for MPC?

MPC has quickly become the standard for securing digital assets. Major financial institutions – including Celsius (biggest US crypto lending desk), and Revolut (Europe’s largest neobank) – have announced their transition to MPC. But in 2021, MPC is only one part of the equation for digital asset security.

As we’ve seen over the years, the best defense against cybercriminals is a multilayered one that can provide redundancy in the event that one of the security controls fails. That’s why today’s institutions require a security system that layers MPC alongside numerous other software and hardware defenses to make breaking in highly expensive and nearly impossible.

At Fireblocks, our “defense-in-depth” security system fulfills these requirements, utilizing Intel SGX chip-level hardware isolation, distribution of sensitive information across multiple tier-1 cloud providers, and a highly customizable policy engine in addition to MPC. Today, we’re using MPC-CMP – the fastest and most secure MPC algorithm currently available – adding a new degree of flexibility to the equation (including the ability to sign an MPC from a hardware storage device).