[Coinlive Talk] MPC: The Key To A Safer Future?

• Phishing attacks and exploits are rampant throughout the crypto space, with millions of dollars stolen this way
• MPC forms a strong bulwark against hackers and attacks to safeguard our private key
• However, education and awareness are also just as important, and only but incorporating both can we truly safely operate in the crypto market

The explosive growth of DeFi is undeniable. Over the past two years, we have observed how the total locked value across DeFi platforms jump from over US$600 million in 2020 to up to US$40 billion right now. Yet it remains to be noted that big financial numbers oftentimes bring with them equally big risk factors.

DeFi is fast becoming a promising hunting ground for hackers. In 2020 alone, hackers attacked 15 DeFi platforms for over US$120 million. Phishing counts as the weapon of choice for most attackers, wherein a hacker would attempt to solicit sensitive and private information from victims through socially-engineered communications and text messages.

Indeed, phishing has evolved from mere spam emails that are so poorly crafted that it is often barely a challenge to sieve off the malicious ones. As hackers are getting smarter, so do we have to ramp up our safeguards and protection as we venture in unchartered territory, or the “wild west” that is the crypto space, as coined by Gary Gensler, Chairperson of the U.S. Securities and Exchange Commission. Merely being alert and wary on our own is quickly becoming inadequate to deal with this rapidly-evolving threat.

A private key is perhaps the lifeline of all users in the crypto space. The key gives access to the user’s wallet, and is thus the primary objective of the majority of phishers and hackers. Typically, a key has several stages in its life cycle, namely Generation, Refreshing, Storage, and Use. All of these stages expose the user’s private key to attacks, and also carry the risk of single-point failure at any time.

Enter Safeheron, an open-sourced self-custody solutions provider that has recently partnered with Metamask to integrate Safeheron’s Multi-Party Computation (MPC) solution into Metamask’s new “Snaps” system.

MPC plays an integral role in asset custody and security. For the uninitiated, MPC is a cryptographic technology that allows multiple parties, or key shards, to each hold secret information and then solve a problem that requires the input of all these secrets in a decentralized way, without ever sharing the secret information with one another.

To find out more about how MPC functions and its significance in asset security, Coinlive spoke with Bruce Wang, the CTO and Co-Founder of Safeheron.

“MPC prevents single-point failure of the private key,” Bruce explains. “With the use of MPC, the original key will not be existent in one complete piece. We generate 3 to 4 key shards, and store them on separate platforms belonging to the user. When one key shard is compromised, it doesn’t matter, because the private key is not lost.”

Indeed, MPC is perhaps one of the strongest defences users can adopt to protect themselves against phishing and malicious attacks.

Coinlive’s Interview with Safeheron Co-Founder, Bruce Wang

However, software alone is also insufficient for us to be completely protected from attacks, as Bruce tells us.

“Recently, I've observed that a lot of investors just want to try and earn money from the industry, especially in a bear market when everything is on ‘sale’. But I want to stress that risks will always exist and you still need to strengthen your security awareness.”

Even in a bear market, VCs and investors are still on the lookout for new projects to participate in and invest. Yet this also means that threats will still continue to exist, and vulnerabilities can still be exploited.

With the looming Ethereum Merge taking place right now, a plethora of L2 rollup projects, as well as staking services have blossomed in the market, providing ample opportunities for investment. Still, Bruce advises that we need to nevertheless hold on to our fundamentals.

“Before you invest in a project, educate yourself and DYOR (Do Your Own Research),” Bruce suggests. “Talk to your friends and experts, stay updated and learn about how hacks happen and how you can best protect yourselves from them.”

Be alert always, and cautious, especially in the crypto space, Bruce emphasises. Many have even speculated that Ethereum’s Merge could bring about more asset security with a more decentralised way of transactions Even with the merge taking place, the threat of attacks is still all the more present than ever.

“The merge will definitely make Ethereum more secure,” says Vladimir Gorbunov, CEO and founder of the MetaFi ecosystem Choise.com. After the merge, the required initial investment to validate transactions on the blockchain would cost around $55,000 or 33 ETH, he says.

While the merge would definitely set a fairly high barrier of entry into the network for everyone, including malicious hackers, Bruce warns that we should still remain alert and conscious of our assets, even while transacting on the Ethereum mainnet.

“The merge is mostly about upgrading POW to POS, in most aspects it will remain the same on a security level”, Bruce says.

Indeed, danger still present regardless of the merge or not, as the merge is likely to primarily affect the consensus layer of the net, not the execution layer. This means that even with a barrier of entry of 33 ETH into the mainnet, phishing attacks could still occur via social engineering, where users may be duped into giving up their private key information.

Conclusively, it is clear that even with safeguard tools such as MPC, the ultimate responsibility of safeguarding one’s digital assets still invariably falls to the user themselves. Having education alone is insufficient to ward of unpredictable attacks, and safeguards alone are equally inadequate in fully protecting users.

Education, awareness, and alertness remain the main priorities for all users, especially in the decentralised world of crypto.

“The private key is law,” Bruce tells us as we close of the interview. “Don’t lose control of it.”

This is an Op-ed article. The opinions expressed in this article are the author’s own. Readers should take the utmost precaution before making decisions in the crypto market. Coinlive is not responsible or liable for any content, accuracy or quality within the article or for any damage or loss to be caused by and in connection to it.