TL;DR
- In recent years, SaaS-based key management products, namely those built on MPC, have become very common, taking over the market.
- For managing funds, SaaS-based products provide a simple and convenient solution. However, when used as infrastructure for building wallets or custody products, they are far from ideal: their shortcomings include deep operational dependencies, lack of data privacy, vendor lock-in and increased counterparty risk, to name a few.
- Self-hosted MPC infrastructure emerges as an alternative, designed for the Web3 space, where ownership and control are key narratives. This model offers full operational independence, full data privacy and no vendor lock-in, and it minimizes counterparty risk.
Introduction
The question of building vs buying software is a frequent dilemma that has several dimensions. When it comes to safeguarding precious and sensitive data, companies are willing to allocate significant resources. As a part of that, whether due to regulatory demand, business logic, or risk management, many companies choose to run their technology stack on-premise or self-hosted in a cloud environment, rather than exposing it to a SaaS-based provider. The question is always, when does it make sense to allocate these additional resources compared to using SaaS-based products?
The Shortcomings of SaaS-Based Infrastructure in Web3
In Web3, where ownership and control are key narratives, this dilemma has additional dimensions. If you are looking to simply manage your digital assets, enjoying the benefits of SaaS-based solutions, like Fireblocks, makes sense. However, if you wish to build custody or wallet products, choosing a SaaS-based infrastructure product that will hold your customers' private keys/key shares for you entails a significant sacrifice:
- Lack of data privacy for you and your customers - In this model, your provider not only monitors all your actions and your customers' actions but also serves as an active party in every action taking place.
- Deep operational dependencies and increased counterparty risk - Your provider’s operations highly impact your users’ experience. Beyond the fact that your service’s liveness depends on them, any mishandling or internal issue with your private keys will irreversibly and immediately affect your users.
- Vendor lock-in - It’s impossible to switch to another provider without affecting your users, as they will need new public addresses. This also means closing DeFi positions and losing eligibility for airdrops, NFTs, and more. This is a painful and complicated process.
- No control over your blockchain support roadmap - In this model, supporting new blockchains is dependent on your provider’s roadmap, capabilities, or goodwill to meet your request. Hence, your customers' content and business opportunities are at the mercy of your provider.
- Difficulty meeting regulatory demands - Certain regulatory frameworks require custodians to store the keys in a specific geographic location. Hence, if you rely on a SaaS-based infrastructure provider, you might need to use multiple providers for different regions, or end up ceding certain markets to competitors.
As can be seen, choosing a SaaS-based infrastructure product that will hold your customers' private keys/key shares for you involves vast concessions over control and independence and increases counterparty risk exponentially.
Self-hosted MPC infrastructure solutions offer an alternative: enjoying the benefits of not having to build your infrastructure in-house, without the need for compromises over control and risk management.
MPC Infrastructure for Wallets and Custodians
Multi-Party Computation (MPC) is the leading technology to manage keys securely. MPC solves the problem of a private key being a single point of failure. Generating a distributed key using MPC means each key share is held in a separate location, allowing transactions to be signed without ever reconstructing the private key.
Example: Generating 3 key shares, with 2 of the 3 required to sign transactions, provides added security (an attacker needs to compromise at least 2 of the 3 key shares) and redundancy (1 serves as a backup share). This is much more secure and resilient than a single private key, which is more easily lost or stolen.
MPC is leveraged by many leading companies in Web3. The primary use cases are:
- Self-custodial wallets for companies that wish to store and manage digital assets (like Fireblocks, Copper, and Tholos)
- Wallet-as-a-Service for other companies that want to provide wallets to their ecosystem users (like Exodus WaaS and Circle WaaS)
- Secure and scalable wallet layer in custody solutions (like Coinbase and Nydig)
- Self-custodial B2C wallet (like OKX and Coinbase Wallet)
These providers leverage MPC to provide institutional-grade security, scale their operations, and curate a superior Web2-like user experience. This is why MPC has become a best practice, with high customer demand.
Consuming these products is great. However, some of these products are also marketed as infrastructure products that can be used to build other products, and that is far from an ideal solution. As mentioned above, that includes significant compromises on operational independence and data privacy.
Solution: Self-Hosted MPC Infrastructure
As the industry matures, more and more companies are specializing in specific areas, such as staking, node operation, and key management. Also, the entrance of enterprises and global financial institutions into the space is raising the bar significantly for the quality of products and services. Not meeting these standards due to external dependencies is no longer acceptable.
These are some of the main drivers as to why we are seeing an increasing number of Web3 companies choose self-hosted MPC infrastructure over SaaS-based MPC infrastructure for building wallet and custody products. These are not just regulated companies, but also leading Web3 native companies, performance or UX savvy, that are unwilling to compromise control over their product offering or its quality.
Self-hosted MPC infrastructure emerges as an alternative that can provide the advantages of not having to build the infrastructure in-house, without the need for compromises over control and risk management.
Main characteristics of self-hosted MPC infrastructure:
- Full data privacy - The MPC provider does not hold a secret share, and does not participate in the signing operations. Therefore, the provider does not need access to the data.
- Operational independence - The customer can fully control the product roadmap, user experience, and data. This allows the creation of operational and product flows, analysis of the data, and iteration, with zero product dependencies.
- No vendor lock-in - It is possible to migrate to another solution or provider without changing the public address of your customers or reconstructing the key.
- Full control over your blockchain support roadmap - MPC is blockchain agnostic by nature. Providers that support ECDSA and EdDSA enable you to support all relevant blockchains.
- Ability to meet regulatory demands - The customer chooses where and how to store their shares.
- Minimal counterparty risk - As the MPC infrastructure provider doesn’t hold any sensitive data, or participate in signing, the risk is minimized.
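The 2-of-3 signing described in the MPC section, and the "migrate without changing the public address or reconstructing the key" property listed above, as an added example that is not from the original article or any vendor's product. It is a single-process simulation of threshold Schnorr signing over a toy group, with a trusted dealer standing in for distributed key generation and a simplified nonce round; all names and parameters are assumptions.

```python
import hashlib, secrets

# Toy Schnorr group, constructed for illustration (NOT a secure size):
# p = 2q + 1 with p, q prime; g = 4 generates the subgroup of order q.
P, Q, G = 2039, 1019, 4

def deal_shares(secret, n=3, t=2):
    """Shamir-share `secret` over Z_q: any t of the n shares determine it."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def lagrange_at_zero(i, signers):
    """Lagrange coefficient of party i, for this signer set, evaluated at x = 0."""
    num = den = 1
    for j in signers:
        if j != i:
            num, den = num * -j % Q, den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def challenge(R, pub, msg):
    digest = hashlib.sha256(f"{R}|{pub}|".encode() + msg).digest()
    return int.from_bytes(digest, "big") % Q

def threshold_sign(shares, signers, pub, msg):
    """Schnorr signature from a quorum; each party uses only its own share."""
    nonces = {i: secrets.randbelow(Q - 1) + 1 for i in signers}
    R = 1
    for i in signers:                     # parties publish g^k_i, never k_i
        R = R * pow(G, nonces[i], P) % P
    e = challenge(R, pub, msg)
    partials = [(nonces[i] + e * lagrange_at_zero(i, signers) * shares[i]) % Q
                for i in signers]         # one partial signature per party
    return R, sum(partials) % Q

def verify(pub, msg, sig):
    R, s = sig
    return pow(G, s, P) == R * pow(pub, challenge(R, pub, msg), P) % P

def reshare(shares, signers, n=3, t=2):
    """A quorum hands out fresh shares of the same key without rebuilding it."""
    fresh = dict.fromkeys(range(1, n + 1), 0)
    for i in signers:                     # party i re-shares its weighted share
        sub = deal_shares(lagrange_at_zero(i, signers) * shares[i], n, t)
        for j in fresh:
            fresh[j] = (fresh[j] + sub[j]) % Q
    return fresh
```

Any two of the three shares produce a signature that verifies under the one public key, and shares produced by `reshare` sign for that same public key, which is why the address does not change when shares are rotated or moved.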