Ready to build with us?
Read the docs and join the community on Discord.
February 15, 2024
dWallet Labs today announced the release of 2PC-MPC - the first multiparty protocol that enables generating an ECDSA signature in a noncollusive way, on a transaction certified by a user and a massively decentralized network. The 2PC-MPC protocol is the key enabler of dWalletss, a new Web3 primitive at the core of the upcoming dWallet Network - a first-of-its-kind composable modular signature network.
The 2PC-MPC framework ensures that ECDSA (and in the future also EdDSA and Schnorr) signatures cannot be generated without both the user and a threshold of permissionless network nodes, potentially hundreds or even thousands of nodes. The dWallet Network utilizes 2PC-MPC to introduce the dWallet primitive - the first noncollusive and massively decentralized signing mechanism in Web3.
MPC and threshold cryptography are ubiquitous, both in traditional finance and Web3, as they enable securing assets and removing the single point of failure that private keys create. Nowadays, ECDSA is the most widely used signature algorithm in blockchains and Web3 and Threshold ECDSA protocols (e.g. Lindell 17, GG20, CMP etc.) are used to to replace private keys with a threshold of parties, across solutions such as custodians (e.g. Fireblocks, Copper), wallet providers (e.g. Coinbase, ZenGo) and federated MPC solutions (e.g. Thorchain, Lit, Zetachain).
“There are many fundamental issues with existing threshold signature protocols like these” said Yehonatan Cohen Scaly, CTO at dWallet Labs and Co-Founder of dWallet Network. “Decentralization, as they don't scale with the number of participants, scalability, as they can’t support many users and signatures per second, and security, since their access structure doesn’t support a user signing with a network allowing the network to collude and steal user’s assets. 2PC-MPC solves all of those issues”.
Existing MPC signature algorithms in Web3 require a threshold of t out of n of the parties to participate to generate a signature. For an MPC network to be noncollusive, the user must participate, and to force that, the threshold must exceed the number of network participants, removing the flexibility and autonomy of the network. In particular, in permissionless networks, with a ⅔ consensus standard, that’s impossible, and as a result, Web3 projects attempting to utilize MPC in a permissionless context (e.g. THORChain, Lit Protocol, Zetachain etc.), implement the MPC outside of the permissionless settings, in a very small subset of nodes that can collude and steal users’ assets.
2PC-MPC introduces a “nested” MPC structure for the signature generation, where a user and a network are always required (2PC - 2 Party Computation), and the network part requires a ⅔ consensus between hundreds or thousands of validators (MPC). This structure is noncollusive and ensures the network can never steal users’ assets (multi-chain instead of cross-chain), but also enables a permissionless network with an autonomous and flexible structure.
“Blockchains are built on top of a consensus layer that only exposes a reliable broadcast channel. This presents a massive challenge to integrate existing MPC protocols that require unicast communication channels between each pair of participants into a blockchain setting.” said Dolev Mutzari, VP of Research at dWallet Labs and co-author of the 2PC-MPC paper. “In 2PC-MPC, not only did we replace unicast with broadcast communication within the network’s MPC, allowing the dWallet Network to support hundreds, thousands or even tens of thousands of participants, but from the user’s perspective the complexity is O(1) since they only deal a single MPC-emulated party, namely the dWallet Network, no matter how many nodes it includes under the hood.”
Today, Web3 MPC signature algorithms are based on unicast communication (every participant needs to communicate with every other participant), limiting them to a very small number of participants, usually in the single digits. Generating a single ECDSA signature in MPC today takes minutes even for a relatively small number of participants (10 or 20). Existing algorithms don’t support batching of signatures, so for example generating 1,000 signatures with 20 participants will take days, which means it’s not applicable to real world scenarios. Increasing the number of participants to hundreds, means even a single signature won’t be generated, which explains why no decentralized network generates threshold ECDSA signatures today.
Moving to broadcast communication and using methods such as batching, aggregation and amortized decryption, 2PC-MPC allows for hundreds or even thousands of participants to support a massive amount of signature requests per second from many users. Adding performance and decentralization to its unique and flexible structure makes 2PC-MPC the first algorithm that is designed for a noncollusive and massively decentralized network like the dWallet Network.
“Our vision for dWallets and the dWallet Network was to uphold the two most fundamental principles of Web3 since the inception of Bitcoin - decentralization and user ownership - so we had to create an MPC algorithm that will allow for a noncollusive and massively decentralized process.” said Omer Sadika, CEO of dWallet Labs and Co-Founder of dWallet Network. “With this innovative nested structure, alongside other breakthroughs, the dWallet Network will be the first network empowering builders on L1s and L2s to move away from cross-chain risks, and manage assets & enforce logic across a multi-chain Web3 world in a decentralized and noncollusive way.”
To learn more about dWallets and the dWallet Network visit dwallet.io
Read the docs and join the community on Discord.