How it Works

Xellar Advanced Multi-Party Computation

Xellar TSS applies an advanced cryptographic technique known as Secure Multiparty Computation (MPC) to compute signatures or encryptions, without the secret key being reconstructed at any point. As a result, there is no single point of trust in the system. Applying MPC to shares of cryptographic keys is also known as threshold cryptography.

Concretely, when a key is created, the key is a secret shared among a set of n of the MPC nodes, using a security threshold of t. The security threshold specifies the number of key shares that can be leaked without being able to learn anything about the original key. In other words, if a key is stored using a security threshold of t, then the secret sharing and the MPC technology ensure confidentiality of the key, as long as at most t of the MPC nodes are corrupted.

Typically, a key is generated on two MPC nodes (n=2) with a security threshold of one (t=1). In this case, we say that the key is a (2,1) sharing, This means that the key is protected even if one of the two MPC nodes gets compromised.

Generally, using a higher security threshold increases the key confidentiality. The MPC will, on the other hand, often require t+1 MPC nodes to participate in the generation of a signature or encryption. So there is a trade-off between confidentiality and availability of the key secret shared.