🚧 Development Status: MPC functionality is currently under active development. This documentation describes the planned implementation and architecture. API endpoints for MPC operations will be available in a future release. For now, you can use Vilna with xPub keys generated from external MPC solutions.
Multi-Party Computation (MPC) key management provides the highest level of security for digital asset custody by ensuring that private keys are never assembled in one place. Vilna implements the state-of-the-art CGGMP protocol for threshold signature generation.
Traditional key management approaches have inherent vulnerabilities:
- Single keys create a single point of failure
- Multi-sig reveals all participants on-chain
- Hardware wallets can be lost or compromised
MPC technology eliminates these risks by distributing key generation and signing across multiple parties, with no single party ever having access to the complete private key.
Vilna uses the CGGMP (Canetti-Gennaro-Goldfeder-Makriyannis-Peled) protocol, which represents the cutting edge of threshold signature schemes:
- No Key Reconstruction: The private key is never reconstructed, even during signing
- Threshold Signatures: Configure m-of-n signing policies (e.g., 2-of-3, 3-of-5)
- Proactive Security: Rotate key shards without changing the public key
- Non-interactive Signing: After initial setup, signing requires minimal rounds of communication
The MPC ceremony will begin with initialization where you specify the number of participants and threshold requirements. This functionality is not yet available via API.
Each participant will run the key generation protocol:
Once key generation is complete (using external MPC solutions), the extended public key can be imported into Vilna Core using the standard xPub API for wallet generation and monitoring.
Key shards must be stored securely across different environments:
- Cloud HSM: AWS CloudHSM, Azure Key Vault, Google Cloud HSM
- Hardware Security Modules: Physical HSMs in data centers
- Secure Enclaves: Intel SGX, AWS Nitro Enclaves
- Mobile Devices: iOS Secure Enclave, Android Keystore
In the future, Vilna will support shard rotation to maintain security by adding new participants and removing old ones without changing the public key. This feature is currently under development.
When MPC signing is available, the process will work as follows:
- Build Transaction: Vilna will construct the transaction
- Request Signatures: Each shard holder will receive signing request
- Partial Signatures: Threshold number of parties will provide partial signatures
- Combine: MPC protocol will combine partial signatures into final signature
- Broadcast: Transaction will be broadcast to blockchain
This functionality is currently under development.
| Attack Type | Protection Method |
|---|---|
| Key Theft | Key never exists in complete form |
| Insider Threat | Threshold requirement prevents single malicious party |
| Physical Compromise | Geographic distribution of shards |
| Network Attacks | End-to-end encryption between parties |
| Quantum Computing | Post-quantum cryptography roadmap |
- No Single Point of Control: Meets regulatory requirements for distributed custody
- Audit Trail: Complete logging of all signing operations
- Policy Enforcement: Programmable signing policies
- Geographic Distribution: Comply with data residency requirements
MPC operations will be accessible through Vilna's unified API once development is complete. Currently, you can import xPub keys generated through external MPC solutions using our standard xPub endpoints.
Perfect for institutions requiring bank-grade security:
- Cryptocurrency exchanges
- Asset managers
- Corporate treasuries
- DeFi protocols
Meet strict regulatory requirements:
- SOC 2 Type II compliance
- ISO 27001 certification
- CCSS Level 3 security
- GDPR data protection
Secure high-value transactions:
- Large transfers requiring multiple approvals
- Smart contract deployments
- Cross-chain bridges
- DeFi position management
- Secure Environment: Conduct key generation in controlled environment
- Identity Verification: Verify all participants before ceremony
- Hardware Isolation: Use air-gapped devices when possible
- Documentation: Document entire process for audit purposes
- Regular Rotation: Rotate shards quarterly or after personnel changes
- Access Control: Implement strict access controls for shard access
- Monitoring: Monitor all signing requests and anomalies
- Backup Procedures: Maintain secure backup and recovery procedures
- Shard Backup: Securely backup shards in different geographic locations
- Recovery Testing: Regularly test recovery procedures
- Emergency Contacts: Maintain updated emergency contact list
- Incident Response: Have clear incident response plan
- Vilna API access
- Minimum 3 secure environments for shard storage
- Understanding of threshold signatures
Beta Program: MPC functionality is currently in development. Contact [email protected] to join the beta program and get early access to MPC features.
- Join Beta Program - Contact support to participate in MPC beta testing
- Plan Your Setup - Define your threshold requirements and participant structure
- Prepare Infrastructure - Set up secure environments for shard storage
- Import Generated xPub - Use the standard xPub API to import keys into Vilna
Detailed implementation guides will be available upon MPC feature release.
For MPC-specific support:
- Technical Documentation: docs.vilna.io/mpc
- Enterprise Support: [email protected]
- Security Audits: Available upon request
- Core Platform - Learn about address generation and monitoring
- Transaction Processing - Understand transaction signing flow
- API Reference - Complete API documentation