STATE OF THE NETWORK
Lit MPC wallets are still heavily in development and should NOT BE USED to transact live assets that hold monetary value. DO NOT store assets you are not prepared to lose. During this period, we're grateful for feedback on how to improve the docs and examples.
Applied generally, multi-party computation (MPC) allows multiple parties to collectively compute a function over a set of private inputs without ever revealing the inputs themselves. In the context of key management, MPC can be used to generate distributed shares of a public/private key pair (which can be used for encryption and signing), without ever exposing the private key in its entirety. This means no one party ever has full control over the underlying key pair, eliminating the single points of failure that exist in "centralized" key management ecosystems. An in-depth look at the current state of the MPC wallet space is available in this article published by 1kx.
MPC Wallets with Lit
Lit can be used by web3 developers to easily deploy white-labeled MPC wallets. These non-custodial wallets can be used to deliver a more flexible and seamless onboarding experience to users of the decentralized web.
Each key generated by the Lit Network is split into shares that are distributed across the participating nodes. This means that keys created by Lit never exist in their entirety and no one party can deny service. In order to use these keys (such as when signing a transaction), more than a threshold of key shares must be collected and aggregated.
This two-thirds threshold design provides a level of censorship resistance and fault tolerance that “typical” 2-of-2 MPC designs do not. Any 2-of-2 provider can deny the user access to their funds or censor transactions, and most of these systems also require the end user to custody a key share. This means the goal of a seamless, “web2” style onboarding UX (onboarding without seed phrases or private key management) is not possible; these systems instead deliver the UX of self-custody with additional steps.
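The threshold behaviour described above, as an added sketch in Python (not Lit's code or protocol): each node signs with only its own share and the partial results are combined without the key ever being reassembled, so signing still succeeds with some nodes offline. The toy group parameters, the `threshold` rounding, the sample key and message, and the trusted dealer that hands out shares are all assumptions made for illustration; the page does not specify Lit's signature scheme or key generation.

```python
import hashlib
import secrets

# Toy group, constructed for illustration and far too small for real use:
# P = 2*Q + 1 is a safe prime, so squares mod P form a subgroup of prime order Q.
P, Q = 2039, 1019

def threshold(n):
    """Smallest share count that is more than two-thirds of n (assumed reading)."""
    return 2 * n // 3 + 1

def deal_shares(key, n, t):
    """Shamir-share `key` mod Q over nodes 1..n; any t shares determine it.
    A trusted dealer is an assumption of this sketch only."""
    coeffs = [key] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def hash_to_group(msg):
    """Map a message to a subgroup element of order Q (never 0 or 1)."""
    h = 2 + int.from_bytes(hashlib.sha256(msg).digest(), "big") % (P - 3)
    return pow(h, 2, P)

def partial_sign(share, msg):
    """Run by one node: uses only its own share, never the whole key."""
    return pow(hash_to_group(msg), share, P)

def combine(partials, t):
    """Aggregate t partial signatures by Lagrange interpolation in the exponent."""
    if len(partials) < t:
        raise ValueError(f"need {t} partial signatures, got {len(partials)}")
    ids = sorted(partials)[:t]
    sig = 1
    for i in ids:
        lam = 1  # Lagrange coefficient of node i evaluated at x = 0
        for j in ids:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        sig = sig * pow(partials[i], lam, P) % P
    return sig

if __name__ == "__main__":
    n, key, msg = 9, 777, b"constructed transaction"
    t = threshold(n)
    shares = deal_shares(key, n, t)
    online = {i: partial_sign(shares[i], msg) for i in (1, 2, 4, 5, 6, 8, 9)}
    print(combine(online, t) == pow(hash_to_group(msg), key, P))  # two nodes offline
```

With `n = 2` the same `threshold` gives 2, so `combine` raises as soon as either party withholds its partial signature, which is the 2-of-2 denial case.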
With Lit, the entire key lives in the network and any arbitrary authentication logic can be assigned to that key pair. Authentication refers to the credential(s) that get assigned to these keys and have the power to control them (credentials are assigned and verified by the Lit nodes). This gives the application developer or end user full control over designing how interactions with the MPC wallet should be managed. For example, allowing a user to onboard into web3 with nothing but their Gmail account, or requiring multi-factor authentication (MFA) when attempting to spend more than X amount of assets, or even enabling more complex social recovery mechanisms. Today, the following auth methods are supported by Lit:
- WebAuthn from FIDO Alliance (AKA Apple Passkey, demo)
- Web3 ownership (holding the “controller” PKP NFT)
- Social login (Google, Discord)
- Email and SMS
- Self-custody key (such as a Ledger hardware wallet)
What’s the end goal? Providing a seamless onboarding experience for the next one billion users in web3!
Getting Started and Further Reading
Some links to further reading and resources to help you get started building with MPC wallets on the Lit network today: