Multi-Party Computation
Multi-Party Computation (MPC) powers MetaMask Embedded Wallets' non-custodial key management, enabling secure access and signing without exposing a full private key.
Understanding MPC in MetaMask Embedded Wallets
MetaMask Embedded Wallets utilizes Threshold Cryptography, a principle of MPC, to ensure that a user can access their private key or generate transaction signatures only if they meet a specified threshold - typically 2 out of n key shares.
This section is an overview of MPC in MetaMask Embedded Wallets. For an in-depth understanding, it might be helpful to read through How Embedded Wallets Work and Wallet Management and Security of our Infrastructure.
Design Goals
- Seamless User Experience: MetaMask Embedded Wallets aims to provide a frictionless non-custodial wallet experience.
- Broad Compatibility: Ensures integration with existing authentication methods and blockchain ecosystems.
- Global Performance & Scalability: Designed to meet the expansive demands of the Web3 market efficiently.
2-of-3 setup
- OAuth login share: Via the Web3Auth Network (e.g., Google).
- Device share: Stored on-device, protected by OS security/biometrics.
- Backup/2FA share: User-controlled recovery using a high-entropy secret.
Implementation variants
- Shamir Secret Sharing (SSS): Reconstructs the key when the threshold is met.
- Threshold Signature Scheme (TSS): Creates partial signatures; no key reconstruction.
Both methods adhere to the core concept of threshold-based security but differ in their approach to wallet management and signature generation.
Wallet Management Infrastructure
The Wallet Management Infrastructure distributes key shares so the full private key is never stored or exposed. The social-login share is generated by the Web3Auth Network using a 5/9 consensus, keeping wallets non-custodial. See the Wallet Management Infrastructure docs for details.