One of the fascinating, and frustrating, aspects of the broader cryptocurrency space is the prevalence of trusted third-parties in an ecosystem built on the notion that trusted third parties are security holes. From honeypot exchanges to custodial services with “bank-level encryption,” much of the crypto ecosystem is non-representative of its origins.
Without diving into the adverse outcomes of these third-parties in the ecosystem, of which there are many, one of the underlying frictions of centralized security is the inherent trade-off between security and user experience [UX].
The crypto landscape is esoteric enough as it is, let alone requiring users to manage their own keys and understand concepts like GAS on Ethereum. In fact, new user onboarding was named as the biggest obstacle to dapp development by projects on Ethereum. While there have been strides made in UX among many crypto products, ranging from DeFi tools to wallet interfaces, there is much work to be done.
The daunting task of converging security and UX into a safe and user-friendly experience has received a glimmer of hope in recent months, however, due to a unique subfield of cryptography–secure multi-party computation [sMPC].
A Wave of sMPC Innovation
The core concept of sMPC is to collectively derive a unique computation from a subset of individual fragments like non-trusting computers. Imagine a puzzle with individual entities, each holding a piece, and the final image only materializing after a specific threshold of pieces have been put together.
MPC has been lauded as the next fuel for innovation in onboarding users to crypto by reducing a significant portion of the barrier to entry — mainly key management.
“Ultimately, using sMPC, we can realize the separation in data of the right to use and the right of use, and directly calculate results on multi-source and heterogeneous ciphertext data,” detailed ArpaChain CEO, Felix Xu, in a ChainNode AMA. ArpaChain has emerged as one of the leaders in sMPC globally, and already has a functioning product on its testnet.
Their insights and innovation into sMPC represent a broader initiative to reconcile the issues of security vs. UX.
At a high level, sMPC empowers users to compute something over a large set of data without revealing their individual inputs, furnishing enhanced privacy, and a means to produce a specific outcome. Consequently, sMPC affords advantages over two existing modes of key management: multi-sig and hardware storage.
Hardware wallets and multi-sig are both complicated to use for mainstream users. Hardware storage is offline, and connecting it to online sources breeds security challenges. Conversely, multi-sig works to an extent, but services like Casa are out of the price range of most consumers and also out of their technical peripherals.
Hot wallets [i.e., online wallets] continually demonstrate their proclivity for being hacked, and while they offer the best UX, they are major security vulnerabilities — once again highlighting the quandary of balancing security and UX.
With sMPC, security is bolstered by the fact that no single entity controls the key, and UX is improved because there can even be “keyless” services using sMPC. The perfect crypto wallet does not exist, but sMPC may come to redefine that narrative.
Outside of wallets, the market for sMPC solutions for enterprises is enormous, and an area where ArpaChain is looking to make an impact.
“The ARPA project aims to provide businesses and individuals with private computing power and secure data flow solutions,” says Xu. “The entry point of ARPA is enterprise-level privacy data sharing.”
ArpaChain to The Rescue
Requiring developers to consistently worry about security vulnerabilities takes away from their ability to focus on improving UX and other aspects of blockchain-based applications. Similarly, continually encrypting and decrypting data creates high technical barriers, something which sMPC diminishes.
But some of the real magic also derives from the ability of sMPC to remain secure even in a hostile environment.
“We have implemented an agreement to support the participation of any party, and as long as there is an honest node in it, it can ensure the security of the data. Either of these two points is a breakthrough, and as far as we know, the vast majority of projects can only support the involvement of two parties.”
This is a powerful feature. No longer do parties need to independently hold keys that serve as singular attack vectors. With such security assurances on the back-end, a better UX can be transferred to the front-end — such as “keyless” wallets — which are already happening.
Providing users with an experience that does not require key management is a compelling step forward for the industry. Add in the ability of exchanges and other financial entities to securely, and privately, compute functions over large shared data sets [i.e., blockchains], and sMPC just might live up to its impressive reputation.
“Imagine multi-party joint credit information, data leasing, secure data analysis, and other scenarios in the financial industry such as multi-source data joint risk control in the insurance industry with sMPC. In the future, applications will exist for corporate finance, marketing, medical applications, and even artificial intelligence.”
ArpaChain achieves this dynamic balance using an off-chain, layer two structure — making ARPA compatible with any public blockchain.
“The ARPA secure computing network can be used as a second layer to provide privacy computing capabilities for any public blockchain, enabling developers to build efficient, secure computing networks on ARPA computing networks, while also protecting the data privacy of business applications. Enterprise and personal data can be safely analyzed or utilized on ARPA computing networks without worrying about exposing data to any third party.”
A confluence of security, privacy, and better UX — a compelling proposition.
Overall, sMPC effectively removes the requirement of trusted third parties for security [i.e., custody], the cold/hardware storage solutions preferred by exchanges, and affords a better UX by removing significant points of friction altogether like key management.
What’s the cherry on top? Better privacy.
For enterprises, mainstream users, and the broader trajectory of crypto adoption alike, that’s a potent recipe for success.