Coinbase Uses Multi-Party Computation to Enhance Crypto Wallet Security and User Experience
Coinbase is making strides towards simplifying the onboarding process for web3, bolstering both security and recovery for crypto wallets. The company is deploying a cryptographic technique called Multi-Party Computation (MPC) to eliminate key management hurdles that have long been a barrier to mainstream web3 adoption.
The MPC technique allows multiple parties to collectively compute a function on their private inputs, all while ensuring their inputs remain confidential. This technique increases the security of wallet private keys by requiring at least two participants to create valid signatures. It further simplifies key management by distributing individual key shares among the participants, thereby reducing the likelihood of wallet break-ins.
According to research by Chainanalysis, an estimated 20% of bitcoin tokens, equivalent to over $100 billion in market value, are lost due to key mismanagement. Coinbase aims to address this issue by deploying MPC technology within its products, highlighting its benefits to end users.
In traditional web3 wallets, a user's private key unlocks wallet ownership, much like an account password. However, there are no reset or recovery options for standard wallets. A lost private key results in the loss of access to the wallet's funds. Coinbase believes that for web3 adoption to increase, private keys need to be secure yet recoverable. The application of MPC technology allows key control to be distributed among multiple parties, offering more reliable key recovery and stronger security.
Coinbase's use of MPC technology addresses three major workflows: Key generation, signing, and key backup & recovery. The company leverages a threshold ECDSA (tECDSA) MPC cryptography protocol, which requires at least two out of total key shares to participate in signing to reach a consensus.
To make the wallet experience more user-friendly, Coinbase provides user-owned backup options like cloud, local, and hardware backups. These are faster and offer offline recovery, allowing users to transfer or recover their wallet without involving Coinbase servers.
In addition, Coinbase Wallet-as-a-Service (WaaS) splits the encryption key of the backup between the user and Coinbase, allowing users to authenticate themselves and regain access to their wallet while preserving their privacy and legal identity.
With its focus on bringing the next billion users on-chain, Coinbase is looking forward to setting the industry standard in the web3 ecosystem by removing friction and complexity from crypto transactions and dapp interactions. The company is currently developing products for both developers and users, including a new SDK for native apps to connect with Coinbase Wallet, and an open dapp marketplace accessible without a Coinbase account.