Account Abstraction or MPC: Which is best for your application?
Aug 31, 2023
Explore the intricacies of Account Abstraction and Secure Multi-Party Computation in the realm of digital assets. Delve into a comprehensive comparison to determine the optimal choice for your application.
Account abstraction, as specified by ERC-4337 will introduce compelling benefits for some applications, but not others.
Similarly, secure multi-party computation (MPC) is the private key security technology of choice for thousands of institutions, and provides compelling benefits of its own.
This article explains how each technology works, highlights important considerations and provides a summary of both. Book a call for your very own demo of Blockdaemon Institutional Wallet™, or read on to get a closer look at what’s new where we will help you identify which types of applications are better served by account abstraction, MPC, or a combination of both.
Brief Introduction to Account Abstraction
Let’s begin with a high level review of both account abstraction and MPC.
Account abstraction separates the control of digital assets (private keys) from the execution of smart contracts.
Account abstraction promises to improve usability by removing the full dependency on the user’s private key and enabling third-parties to help overcome blockchain user experience (UX) issues, although its implementation and capabilities varies per blockchain.
How Account Abstraction works:
Generally, in account abstraction, elements of a transaction are abstracted away such as the nonce or gas. The private key is replaced by alternative authentication such as biometric (e.g. on mobile). This is different from traditional blockchain setups, where a private key per user account is used for any type of transaction signing or interaction with smart contracts.
To interact with a smart contract, a message is sent, rather than a final transaction, to the relay mechanism. With ERC-4337, for example, the userops mempool, bundler and entry point contract validate the intent by calling the wallet contract and ensuring enough funds for gas payment.
The wallet contract validates the user's request and signature, and will only sign the proper transaction if it passes the bundler.
The signed transaction is then sent to the blockchain, executing the desired action.
Figure 1) Representative ERC-4337 Transaction Flow, Source: Visa publication
Flexible Security: Account abstraction eliminates dependencies on private keys for transaction approvals, this allows for flexible and composable security models, defined through smart contracts.
Flexible Account Recovery: Account abstraction eliminates the need to remember seed phrases or store copies of private keys. Replacing private keys with alternative smart contract security options opens the door to flexible options for account recovery,
User Experience: Account abstraction promises to improve digital asset management for users, e.g. via flexible payment for gas fees, batching transactions, and smart contract integration of DeFi services.
Innovation: Account abstraction enables seamless integration with smart contracts and decentralized applications, as well as modular open-source wallets for rapid adaptation to new innovations.
Important Considerations with Account Abstraction:
Non Universal: ERC-4337 is only supported on Ethereum and EVM-compatible networks like Polygon, and is not available for use with other blockchains ecosystems. Alternative schemes are required for alternative protocols creating inconsistencies which may be problematic for institutional users.
Smart Contract Risk: Smart Contract vulnerabilities are a leading source of digital asset theft. The security of the smart contracts themselves remains crucial. Institutions dealing with very large values of assets typically require more established, self-contained security solutions with no security dependencies on third parties.
Third Party Dependencies: ERC-4337 uses user operation mempool(s), and the avoidance of the main protocol mempool requires additional third-party bundlers to relay transactions, creating dependency on unidentified third parties to get intents on-chain.
DApp Enablement Needed: Account abstraction relies on the adoption by dApps to support integration with account abstraction. This may result in inconsistent support until there is widespread adoption.
Account Abstraction Summary
Account abstraction promises to improve user experience and services innovation, however it is not supported by all key protocols, and it introduces security dependencies that are outside of the direct and exclusive control of the smart contract wallet service provider.
As a result, Account abstraction is more suitable to select retail or consumer wallet applications where ease of use and user experience are valued more than consistency of operations across protocols and advanced levels of security with deterministic control.
Brief Introduction to Secure MPC
Secure Multi-Party Computation (MPC) allows multiple parties to collaboratively approve and sign transactions through distributed private key management.
MPC enhances the security of your digital assets by eliminating the existence of a complete key on any single device, removing a classic single point of failure.
MPC operates off chain, so your entire wallet infrastructure can be self-hosted under your exclusive control, or hosted as a service with subscribing institutions hosting one or more key shares under their domain.
How MPC works:
MPC generates private keys in the form of distributed key shares, stored with different parties representing the institution and/or service provider.
MPC wallet integration lets you apply granular policies to each transaction, allowing key shares to be used only after policies are fully satisfied.
Through secure communication protocols, the participants interact to jointly perform cryptographic operations, such as signing a transaction, without sharing their private key shares.
The final computation generates cryptographic signatures or signed transactions without ever creating or disclosing a complete key to any party.
MPC can be augmented with additional technologies like biometrics, PassKey and others to provide user friendly authentication and key recovery.
Deterministic Security: MPC provides a fully self-contained private key management and protection framework. Systems can be designed to provide institutions with complete and exclusive control over all aspects of their private keys and security infrastructure, eliminating dependencies and counterparty risks with third parties.
Enhanced Security: MPC protects against single points of failure and insider threats, as no participant possesses the complete private key.
Off-Chain Efficiency: MPC operates off-chain to provide a single signature transaction, avoiding on-chain computation for maximum efficiency.
Blockchain Agnostic: MPC is blockchain agnostic and supports uniform multi-party approvals and transaction signing for all blockchain protocols.
Mature and Proven: MPC has been deployed in commercial applications since 2008, and key management applications for over a decade. The cryptography is based on proven public algorithms and availability of 3rd party security proofs from respected vendors.
Important Considerations with MPC:
Structured Transaction Models: MPC is predominantly used with Externally Owned Account (EOA) wallet structures, which do not support the AA option to bundle transactions or allow third parties to pay gas fees.
Computational Overhead: MPC can be computationally intensive, potentially resulting in increased processing times. Pre-processing techniques are required to achieve high-volume, low-latency throughput.
Blind Signing: Similar to a hardware security module (HSM), MPC key shares will blindly sign transactions when directed to do so by the party controlling each key share. MPC protects private keys from theft or misuse. However, higher layer control systems such as policies should be cryptographically bound with the private key shares to prevent blind signing, assuring that transactions are signed only after satisfying all applicable policies.
Emergency Recovery: Protocols using MPC to sign transactions require private keys. If those keys are lost and emergency recovery options are not available, the associated digital assets will become stranded and inaccessible. Special care must be taken to ensure that private keys are properly backed up and securely stored.
MPC enables consistent and uniform operations and user experiences for all protocols through a well established, universally supported security model that can be entirely self-hosted to eliminate dependencies on third parties.
MPC is most suitable for institutional applications and commercial applications, hosted by institutional service providers, where consistency of operations and user experience across protocols, and advanced levels of security with deterministic control are critical.
The Differences between AA and MPC: Quick Reference
The following tables provide a quick reference comparison between account abstraction and MPC for wallet considerations.
Table 1) Comparison of Smart Contract Wallets versus MPC Wallets
When to Choose AA or MPC?
The choice between MPC and account abstraction depends on your specific security requirements, use cases, and application or service objectives.
When to choose MPC: Institutionally focused, high asset value applications, and applications requiring advanced levels of security will benefit most from MPC, specifically the uniformity, proven and deterministic security, and self-hosted control attributes of MPC.
When to choose account abstraction: Consumer centric applications, with low asset value, and high transaction price sensitivity may be better suited to account abstraction, particularly the enhanced ease of use, easy account recovery, and lower bundled transaction costs.
Over time a combination of these technologies may also play a critical role for applications requiring a mix of features and functionality.
The following table summarizes a variety of primary wallet applications and highlights which applications are likely to be better suited to each.
Table 2) Wallet Applications Suitability for Account Abstraction vs. MPC
Are you an institution looking for help with Digital Asset security? Blockdaemon can help. We are global leaders in MPC wallet technology - get in touch today
Ready to build your blockchain business?
Fill out the form to connect with one of our product experts and learn how Blockdaemon can help you unlock the power of blockchain.
Thank you for connecting with Blockdaemon; we look forward to assisting with your blockchain endeavors.
Oops! Something went wrong while submitting the form.