A breakdown of all the relevant concepts and terms as it pertains to Portal
How this relates to Portal
Multi-Party Computation (MPC)
A field of computing that aims to solve problems when computing a result amongst multiple computers (parties). A subset of MPC centers around performing cryptographic functions across multiple parties, where each has a single key share instead of one party having a single private key.
Portal is an MPC wallet company that provides Wallets-as-a-Service to our customers.
Distributed Key Generation (DKG)
The MPC process that creates key shares on separate devices.
Portal uses DKG to power the Generate function.
2:2 (Two-for-Two) Key Configuration
This describes the MPC key configuration that Portal uses. It means that we create 2 key shares during DKG and require both of the 2 key shares to perform a signature or reshare. Specifically, it means there are 2 total keys and the threshold is 2.
Portal uses MPC in a 2:2 key configuration where an end user holds one key and Portal holds the other.
The MPC process that generates a new set of valid key shares, from previous key shares. The new key shares are still able to sign for the existing public key.
Portal uses reshare to power the Backup function.
In a 2:2 key configuration, two linked keys are needed to perform a sign or reshare. If the two parties present keys that are not linked (i.e. from different DKGs or different reshare runs) than an MPC operation will fail because the key shares are mismatched (not the correctly linked shares).
Portal will throw errors indicating a Share Mismatch if an MPC operation has incorrect key shares. This can often occur if the client is using the wrong key share during the Backup function. (if the signing key is presented to Backup it will be mismatched with the Backup share presented on the server side)
Elliptic Curve Digital Signature Algorithm (ECDSA)
ECDSA for short is the process of generating a key using a mathematical equation for an elliptic curve, y^2 = x^3 + ax + b.The equation generates a value on the curve which is multiplied by another value to create a new point on the curve. These points on the curve represent the public and private keys needed to authenticate a user
Portal uses ECDSA to create public and private keys for a client to then sign transactions on chain. Portal first goes through the MPC process to match and validate that the client and Portal key shares are linked and uses those 2 key shares to generate a public and private key needed to sign transaction onto chain.
An added MPC condition that forces a specified number of key shares to be accessible to validate the authenticity and proceed with the signing.
Portal uses a threshold of 2 when signing, meaning that both the portal key share and the client key share are required for signing.
A portion of the complete cryptographic key. MPC creates multiple key shares, depending on the key configuration chosen when. The aggregate of all key shares is the intended key needed for signing, anything less will be incomplete
Portal generates 2 key shares from our SDK’s that are then saved on the Client as well as with Portal.