1. Introduction

Pallet is a next-generation decentralized, non-custodial, multi-chain Web3 wallet built on MPC (multi-party computation) technology. It is designed to be both secure and easy to use: by offering a Web2-style user experience, it greatly lowers the barrier for users entering the Web3 world.

In terms of security, Pallet uses MPC to generate the wallet's private key in a distributed manner, as separate key shares that sign jointly. This removes the single point of key storage and the single point of signing found in traditional mnemonic wallets. No complete private key exists in a Pallet MPC wallet at any time. Users retain full control over their wallet assets and their privacy: a transaction can only be initiated by the user, and Pallet never touches user assets.

In terms of ease of use, Pallet's own key management system, built on cryptographic principles, a TEE (trusted execution environment) and multiple authentication and encryption mechanisms, provides reliable wallet backup and recovery so that users can manage their wallets safely and conveniently. Users do not need to memorize private keys.

In addition, Pallet provides a platform-independent wallet backup and recovery mechanism, so user assets remain recoverable even if Pallet itself shuts down, relieving users of the worry of platform failure.

Multi-party computation (MPC) is a branch of cryptography that started with the seminal work of Andrew C. Yao in the 1980s. In MPC, a set of parties that do not trust each other try to jointly compute a function over their inputs while keeping those inputs private.

As an example, suppose n employees of a company want to find out who the highest-earning employee is without revealing their individual salaries to each other. With MPC, the private inputs are the salaries and the output is the name of the highest earner, and the computation leaks no individual salary.

Hence, the two main properties of MPC are Correctness and Privacy:

  • Correctness: the output of the protocol equals the output of the function being computed.

  • Privacy: the secret input held by each party is not revealed to the other parties (beyond what the output itself implies).

Threshold Signature Scheme (TSS)

Pallet wallet uses MPC to compute a digital signature in a distributed way. Let’s see how the above properties can be applied to signatures.

Note first that a threshold signature scheme has three steps:

  • Distributed Key Generation (DKG)

The Pallet wallet is built on a 2-of-2 MPC threshold signature scheme (TSS): the Pallet MPC client and the server node each generate their own share of the private key through a distributed key generation protocol. The two key shares are stored separately, one on the client and one on the server.

The distributed key generation algorithm is based on ECDSA over an elliptic curve. The client and the server each generate a key pair: G is the generator point of the curve, the private keys sk1 and sk2 are random scalars, and the corresponding public keys are obtained by elliptic-curve scalar multiplication, P1 = sk1·G and P2 = sk2·G.

Using zero-knowledge proofs (each side proves knowledge of the discrete logarithm of its public share), the client and the server derive a shared public key without revealing their private shares to each other. In Lindell's scheme, which Pallet follows, the shared key is Q = sk1·sk2·G, which the client computes as sk1·P2 and the server as sk2·P1; this shared public key is what verifiers use to check signatures.

  • Threshold Signature Scheme(TSS)

This step is the signature generation function. Each party's private input is its secret share, produced in the previous step (distributed key generation); the public input known to both is the message to be signed. The output is an ordinary digital signature, and the privacy property ensures that no secret share leaks during the computation.

When a transaction is made, the client node triggers a signature request. The MPC client and server nodes then jointly produce the transaction signature using homomorphic encryption and decryption (operating on the encrypted key share, so neither side learns the other's share), after which the client node broadcasts the signed transaction to the blockchain nodes.

Consider the picture above for the following illustration:

A customer is worried that the craftsman will steal a small piece of a gold bar while working it (representing the customer's fear of information being leaked or stolen). So the customer puts the gold bar in a box whose only access is a pair of built-in gloves (the information is encrypted), and the master craftsman works it into a necklace through the gloves without ever touching or accessing the gold bar directly (the meaning of homomorphic encryption and decryption: the processing happens on the ciphertext, and the correct result comes out at the end).

The Pallet wallet uses a 2-of-2 MPC threshold signature; the user's mobile device and the Pallet server are the two MPC nodes. The nodes generate and use the key material with each node holding one secret share, so the full key is never present on any device and is never reconstructed. The two-party distributed key generation and two-party signing protocols follow Lindell's CRYPTO 2017 paper (Fast Secure Two-Party ECDSA Signing).

  • Verification

The verification algorithm is unchanged from the classical setting: to stay compatible with single-key signatures, anyone who knows the public key can verify and validate the signature. This is exactly what blockchain validating nodes do.
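The three steps above (distributed key generation, two-party signing, classical verification) carried through end to end, as an added example that is not Pallet's code and not Lindell's reference implementation. It follows the multiplicative-share structure of Lindell's CRYPTO 2017 protocol: the client holds x1 and a Paillier key, the server holds x2 and Enc(x1), the shared public key is x1·x2·G, and signing combines the shares under homomorphic encryption so the full key never exists on either side. Assumptions: secp256k1 (the page does not name Pallet's curve), SHA-256 for the message hash and for the Fiat-Shamir proofs, and 512-bit Paillier primes; the commitment to R1 and the range proofs of the real protocol are omitted, so this demonstrates the data flow rather than a production-grade implementation.

```python
"""Added example (not Pallet's code): a 2-of-2 threshold ECDSA in the style of
Lindell, CRYPTO 2017. Educational only: the real protocol also commits to R1
before revealing it and range-proves the Paillier ciphertext of x1."""
import hashlib
import secrets

# secp256k1 (assumed; the page does not name the curve Pallet uses)
P = 2**256 - 2**32 - 977
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    if a == b: lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else: lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication k*pt."""
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def H(*parts):
    """SHA-256 of the parts, reduced mod Q (message hash and Fiat-Shamir)."""
    data = b"|".join(p if isinstance(p, bytes) else str(p).encode() for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def rand_scalar():
    return secrets.randbelow(Q - 1) + 1

def dlog_prove(x, X):
    """Schnorr proof of knowledge of x with X = x*G (the ZK proof used in DKG)."""
    k = rand_scalar(); K = ec_mul(k, G)
    return K, (k + H(X, K) * x) % Q

def dlog_verify(X, proof):
    K, z = proof
    return ec_mul(z, G) == ec_add(K, ec_mul(H(X, K), X))

def is_probable_prime(n, rounds=32):
    """Miller-Rabin; only used on 512-bit candidates below."""
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23):
        if n % sp == 0: return n == sp
    d, r = n - 1, 0
    while d % 2 == 0: d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1): continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1: break
        else: return False
    return True

def rand_prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(c): return c

def paillier_keygen(bits=512):
    """Paillier with g = N+1. N (1024 bits) must exceed Q^3 for sign() below."""
    p1, p2 = rand_prime(bits), rand_prime(bits)
    return p1 * p2, (p1 - 1) * (p2 - 1)          # public N, secret lambda

def paillier_enc(n, m):
    r = secrets.randbelow(n - 1) + 1
    return pow(n + 1, m, n * n) * pow(r, n, n * n) % (n * n)

def paillier_dec(n, lam, c):
    return (pow(c, lam, n * n) - 1) // n * pow(lam, -1, n) % n

def keygen():
    """DKG: share x1 (client) and x2 (server); pub = x1*x2*G is derived from
    the other side's public share, so the product x1*x2 never exists anywhere."""
    x1, x2 = rand_scalar(), rand_scalar()
    Q1, Q2 = ec_mul(x1, G), ec_mul(x2, G)
    assert dlog_verify(Q1, dlog_prove(x1, Q1)) and dlog_verify(Q2, dlog_prove(x2, Q2))
    pub = ec_mul(x1, Q2)
    assert pub == ec_mul(x2, Q1)                  # both sides derive the same key
    n, lam = paillier_keygen()
    client = {"x": x1, "n": n, "lam": lam}
    server = {"x": x2, "n": n, "ckey": paillier_enc(n, x1)}  # Enc(x1) sent to server
    return client, server, pub

def sign(client, server, msg):
    """Two-party signing: the server computes on Enc(x1), the client finishes with k1."""
    m = H(msg)
    k1, k2 = rand_scalar(), rand_scalar()        # nonce shares, k = k1*k2
    R = ec_mul(k1, ec_mul(k2, G))                # each side: own share * other's R_i
    r = R[0] % Q
    # server: Enc(rho*Q + k2^-1*m + k2^-1*r*x2*x1) without ever seeing x1
    n, nn = server["n"], server["n"] ** 2
    k2inv = pow(k2, -1, Q)
    rho = secrets.randbelow(Q * Q)               # masks the plaintext from the client
    c1 = paillier_enc(n, rho * Q + k2inv * m % Q)
    c2 = pow(server["ckey"], k2inv * r * server["x"] % Q, nn)
    c3 = c1 * c2 % nn
    # client: decrypt, apply k1^-1, normalise to low-s
    s = pow(k1, -1, Q) * (paillier_dec(client["n"], client["lam"], c3) % Q) % Q
    return r, min(s, Q - s)

def verify(pub, msg, sig):
    """Standard ECDSA verification; nothing about it is MPC-specific."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q): return False
    w = pow(s, -1, Q)
    pt = ec_add(ec_mul(H(msg) * w % Q, G), ec_mul(r * w % Q, pub))
    return pt is not None and pt[0] % Q == r

if __name__ == "__main__":
    c, s, pub = keygen()
    tx = b"constructed sample transaction"       # constructed input, not a real tx
    print(verify(pub, tx, sign(c, s, tx)))       # True
```

The point worth noticing is in `sign`: the server never sees x1 and the client never sees x2 or k2, yet the decrypted value is k2^-1·(m + r·x1·x2) mod Q, so one more multiplication by k1^-1 yields a signature that any ordinary ECDSA verifier accepts under x1·x2·G. The `rho*Q` term is what stops the client from learning the server's intermediate value from the Paillier plaintext.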

– Explore the Pallet MPC Wallet

The Pallet wallet is the doorway to the Pallet ecosystem, delivering an alternative approach to crypto asset management and security. The Pallet wallet allows you to create and access your wallet via email for simpler and safer asset management.

As detailed above, the wallet uses the 2-of-2 MPC threshold signature algorithm, which keeps the sensitive key material split between two parties and so adds an extra layer of security to your assets.

Most importantly, the Pallet MPC wallet eliminates the single-point storage of private keys and the risk of single-point signature transactions associated with traditional mnemonic wallets.

In summary, the Pallet MPC wallet adds an improved layer of security through the following multi-party computation benefits:

Distributed secret key: the Pallet wallet is based on the 2-of-2 MPC threshold signature algorithm. The client and the server each generate a private key share through the distributed key generation algorithm. The two shares are encrypted and stored on the client and the server respectively.

Distributed signature: when a transaction is signed, the client initiates a signature request, the client and the server generate the transaction signature through homomorphic encryption and homomorphic decryption, and the client broadcasts the signed transaction to the blockchain.

Each of the client and the server holds only one share of the MPC private key, and neither party can produce a transaction signature on its own. Even if one party's key share is leaked, the assets in the user's wallet are not lost, because an attacker would still need the other share.

Backup and restore from email and cloud drive: Pallet binds your wallet identity to your MPC key share through your email address, so the wallet can be backed up and restored through that same email account.

Encrypted backup material is stored in a user-controlled cloud drive that no one else (including Pallet) can access. When users change devices, they can restore their wallets after passing both the email and the cloud-drive authentication checks.

Traverse the Web3 ecosystem seamlessly

The Pallet wallet delivers improved wallet security, enabling users to traverse the Web3 ecosystem (assets, dApps, metaverses and so on) far more safely.

Explore the Pallet wallet and its other features by downloading the Pallet app (Google Play and iOS).

Join our community and stay up to date with all things Pallet.
