Multiparty computation: The Trojan Horse of crypto regulation

[Charles-Tim]

Multiparty computation (MPC) technology involves splitting private keys into segments and distributing them between different parties. Most commonly, the client holds one key segment, and the MPC provider holds another. The aim is to improve security by ensuring that no party has full control over any given transaction, which can only be executed if both parties provide their key segments.

MPC service providers usually present their technology as something that merely helps to secure transactions. It’s sold under the premise of: “We keep half a key, you keep the other half, but you are the boss — only you decide when and where to transfer your funds. You can also pull all your funds from our account whenever you want.” But in reality, that isn’t exactly the case. MPC service providers act as middlemen whose approval is needed for a transaction to be executed.

 In this sense, MPC providers are playing a near-identical role to banks, banks can freeze funds and even confiscate them. However, the issue is that such backdoors also exist in MPC providers. In light of the responsibility they hold for customer’s funds as a third party, it’s evident that MPC providers offer a backdoor for regulatory intervention. Ultimately, this means that MPC companies could play the same role as banks. If a legal authority demands an MPC service provider to stop a transaction, it will be compelled to do so.

MPC is a regulated, fee-centric model that is almost an exact replica of today’s banking system
https://cointelegraph.com/news/multiparty-computation-the-trojan-horse-of-crypto-regulation

To know more about Multiparty computation
https://cointelegraph.com/explained/secure-encryption-key-management-modules-explained
We should not be deceived, MPC will only just be a way our privacy will be compromised, it is better we make use of reputed noncustodial wallets like ledger nano, trezor to save our bitcoin, storing the private key or seed phrase in a place it can not be attacked by hackers or damages. But, if we are still looking forward to ways you want to store your bitcoin in a way similar to the principles MPC is using, it is best to go for multisignature wallet, if you read about multisignature wallet, there are many chances you will be able not to lost your bitcoin by having M of N private keys to sign a transaction, another noncustodial way is Sharmir's secret sharing which can also be helpful. The only reason some people or organization may not want to use multisig which is absolutely recommend is because of its high transactions fee, but let us hope the recent BIP(340-342) which are schnorr signature, taproot and tapscript which is finalized already will be implemented into bitcoin core very soon as more mining pools agreeing to upgrade. If these proposals are implemented into bitcoin core, that is the dawning of multisig transactions to be indistinguishable from single wallet transactions, and the issue of fee is solved.

[Coyster]

Bitcoin users who value their privacy, security of funds, anonymity and do not want any sort of regulations wouldn't use centralized third party services, Centralized exchanges for example are already giving out information/data of customers to the government, while that's very bad and there is prolly an excuse for them (that they are somewhat under the ruling govt where they are located), Multiparty computation is worse as your handing over your private keys to a third party service for no reason, cause I don't buy the security feature they claim to offer, there are many ways to secure your crypto whilst still being in full control of your keys, remember, "not your keys, means it's not your funds".

Having said that, I think all this different services is only a way to stealthily bring in more regulations to cryptocurrecy; thing is many Bitcoiners do not still understand how important their privacy is, and that Bitcoin was created to eliminate a third party, the more people patronize this third party services, the more strength they garner. Bitcoin requires your personal responsibility to handle your funds and protect them, and with just a little effort you can do that without any third party.

[hatshepsut93]

There's nothing particularly new here, Electrum has been offering a 2FA wallet feature for years, which works by having a company to serve as a 2FA server that also holds one of the multisignature keys. However, users can still derive this key from seed, while the company can't, so it's better than custodial wallets, but it still has a lot of drawbacks, like privacy and additional fees, and security benefits aren't really that big.

[Charles-Tim]

There's nothing particularly new here, Electrum has been offering a 2FA wallet feature for years, which works by having a company to serve as a 2FA server that also holds one of the multisignature keys. However, users can still derive this key from seed, while the company can't, so it's better than custodial wallets, but it still has a lot of drawbacks, like privacy and additional fees, and security benefits aren't really that big.

One principle electrum wallet 2fa is using is also just multiparty computation, I totally agree to this, but I think the way it works is different from how the one I explained above is working. For example, if you lost your electrum wallet device, can the private key be recovered from the server that made the final signing of transactions? I am not sure but I do not think so. Correct me if wrong.

In this case, it will be in a way it is possible the service provider will be able to have access to the private key for the case of recovery purposes, although, according to the news, some can be thieves in a way they will not be able to provide such recovery, that is why it is said to question the provider if it is possible for the private key to be recovered or not.

There are decentralized ones that will be created in a way to provide recovery, but said to be far before launch.

[Walterhank]

I think this technology could be useful for family members as it allows all of them to have access to the keys. Otherwise leaving it with other entities can't be useful.

[franky1]

I think this technology could be useful for family members as it allows all of them to have access to the keys. Otherwise leaving it with other entities can't be useful.

multisig is useful for contracts where only those who have value can control.
but when its then used where one party is some strange business/owner that lives thousands of mile away and you have never shaken their hand or know what they look like... then be wary
especially when the contract leans towards requiring their permission to your funds

you cant slap them with a wetfish or lawsuit if you dont know where they live

and this is the fatal flaw of LN's gameplan with their factories, watchtowers and shadowchains.
they dont want to be found, else they would have to register as money service businesses.
sometimes regulation aimed at watching custodians(even if weak observations/oversight) is better than no consumer protections

i think all businesses offering custodial/security/middlemen should be regulated under consumer protection guidelines

private contract amungst family/acquaintances vs publicly advertised service are two different things