User Wallets (Programmable Key Pairs)


STATE OF THE NETWORK

Storing and transacting live assets with Programmable Key Pairs (PKPs) is now supported on the Datil Mainnet and Datil Testnets. Take a look at the docs on migration to start building today!

Overview

Defined technically, multi-party computation (MPC) allows a set of parties to collectively compute a function over private inputs without ever revealing the inputs themselves. In the context of key management, MPC can be used to generate distributed shares of a public/private key pair (AKA a wallet), without ever exposing the private key in its entirety. This means no one party ever has full control over the underlying key pair, which eliminates the central points of failure that exist in "custodial" key management ecosystems and setups. For an in-depth look at the current state of the MPC wallet space, see this article published by 1kx.

MPC Wallets with Lit

Lit can be used by web3 developers to easily deploy white-labeled and programmable MPC wallets. These non-custodial wallets can be used to simplify user onboarding while simultaneously making it more secure.

Each key generated by the Lit Network is distributed as shares among the participating nodes. This means that keys created by Lit never exist in their entirety and no one party ever has the power to deny service. In order to use these keys (such as when signing a transaction), more than a threshold of key shares must be collected and aggregated.

This two-thirds threshold design provides a level of censorship resistance and fault tolerance that “typical” 2-of-2 MPC designs do not. In addition to any 2-of-2 provider being able to deny the user access to their funds or censor transactions, most of these systems also require the end user to custody a key share. This means the goal of a seamless, “web2” style onboarding UX (onboarding without seed phrases or private key management) is not possible; these systems instead deliver the UX of self-custody with additional steps.

With Lit, the entire key lives in the network and any arbitrary authentication logic can be assigned to that key pair. This authentication logic determines what individuals or credentials have the ability to control these keys and use them. This gives the application developer or end user full control over designing how interactions with the MPC wallet should be managed. Examples include allowing a user to onboard into web3 with nothing but their Gmail account, requiring multi-factor authentication (MFA) when attempting to spend more than X amount of assets, or even enabling more complex social recovery mechanisms.

Today, the following auth methods are supported by Lit that make the onboarding process seamless:

What’s the end goal? Providing a seamless onboarding experience for the next one billion users in web3!
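
The threshold design described in this section can be seen in a toy model. The following is an added example, not Lit's code or protocol: it assumes a trusted dealer in place of distributed key generation (so the toy secret does exist in one place at setup), a tiny constructed group (P = 2039), and constructed parameters of 9 nodes with a threshold of 6. Each node produces a partial result from its own share, and the partials are aggregated without the shares ever being brought together.

```python
import hashlib
import secrets

# Toy group (assumption): safe prime P = 2Q + 1. Real deployments use ~256-bit curves.
P, Q = 2039, 1019

def hash_to_group(msg: bytes) -> int:
    """Map a message into the order-Q subgroup by squaring a hash-derived value."""
    x = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return pow(2 + x % (P - 3), 2, P)

def deal_shares(secret: int, n: int, t: int) -> dict[int, int]:
    """Shamir shares: node i gets f(i) for a random degree t-1 polynomial, f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def partial_sign(share: int, msg: bytes) -> int:
    """A node's contribution, computed from its own share only."""
    return pow(hash_to_group(msg), share, P)

def combine(partials: dict[int, int], t: int) -> int:
    """Aggregate t partials by Lagrange interpolation in the exponent.
    The shares, and therefore the key, are never brought together."""
    if len(partials) < t:
        raise ValueError(f"need {t} partial signatures, got {len(partials)}")
    ids = sorted(partials)[:t]
    sig = 1
    for i in ids:
        lam = 1
        for j in ids:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        sig = sig * pow(partials[i], lam, P) % P
    return sig

if __name__ == "__main__":
    msg = b"constructed sample transaction"
    sk = 1 + secrets.randbelow(Q - 1)            # known here only because a dealer is assumed
    shares = deal_shares(sk, n=9, t=6)           # 6 of 9: a two-thirds threshold
    online = {i: partial_sign(shares[i], msg) for i in (1, 2, 4, 5, 7, 9)}  # 3 nodes offline
    print("threshold result matches full key:", combine(online, 6) == pow(hash_to_group(msg), sk, P))
    try:
        combine({i: online[i] for i in (1, 2, 4, 5, 7)}, 6)
    except ValueError as err:
        print("below threshold:", err)
```

With n=2 and t=2 the same `combine` call fails as soon as either party withholds its partial, which is the denial case the text attributes to 2-of-2 designs.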

Getting Started and Further Reading

Some links to further reading and resources to help you get started building with MPC wallets on the Lit network today:
