Palisade utilises a version of Multi-Party Computation (MPC) known as Threshold Signature Scheme (TSS) (also known as MPC-TSS) to provide secure, decentralised private key management. Specifically, we implement DKLS19 and DKLS23, two advanced TSS protocols designed for secure and efficient cryptographic signing.
- DKLS19 (2020) – "Secure Two-Party Threshold ECDSA from ECDSA Assumptions"
- DKLS23 (2023) – "New Threshold Signatures and DKG with Dishonest Majority from Lattices"
Multi-Party Computation (MPC) with Threshold Signature Scheme (TSS) revolutionises private key management by eliminating single points of failure. Instead of storing a complete private key in one location, the system distributes key shares across multiple independent nodes. This ensures that no single entity ever has full control, significantly reducing the risk of compromise from breaches or operational failures.
By decentralising key material and signing processes, MPC-TSS enhances breach resilience. Even if an attacker gains access to some key shares, they cannot reconstruct the private key without meeting the required threshold. This makes the system highly resistant to:
- Cyberattacks
- Insider threats
- Zero-day vulnerabilities
MPC-TSS strengthens transaction security by enforcing quorum-based signing policies. Participants can only sign a transaction when a predefined number of them collaborate, mitigating the risk of insider collusion or unauthorised access. This distributed model not only secures key management but also ensures that signing processes remain resilient and tamper-proof.
Traditional key management stores the complete private key in one location. If that location is compromised, all assets are at risk. With MPC-TSS:
- The private key is never fully constructed in any single location
- Key shares are distributed across multiple independent devices
- Compromising one device does not compromise the entire key
In a Threshold Signature Scheme, TSS distributes signing authority using a (t, n) scheme:
- n = Total number of participants holding key shares
- t = Minimum number of participants required to sign a transaction
For example, in a (2, 3) quorum:
- 3 participants each hold a key share
- At least 2 participants must collaborate to sign a transaction
- No single participant can sign alone
This ensures that:
- Redundancy – One device can be offline or lost without affecting operations
- Security – A single compromised device cannot authorise transactions
- Flexibility – You can configure the threshold to match your security requirements
Palisade's implementation of MPC-TSS combines:
Cloud-hosted MPC co-signers that securely generate and store key shares. CloudSign nodes:
- Operate as participants within a quorum
- Enable secure, programmatic transaction signing
- Assist in disaster recovery by contributing to key reconstruction
iOS mobile applications that serve as participants in an MPC quorum. MobileSign:
- Generates and stores key shares securely within the device's Secure Enclave
- Introduces conscious human intent into transaction approval
- Can assist in disaster recovery by participating in key reconstruction
Palisade's MPC-TSS implementation supports several key operations:
| Operation | Description |
|---|---|
| Key generation | Distributed key generation (DKG) creates key shares without ever constructing the full private key |
| Transaction signing | Threshold number of participants collaborate to sign without reconstructing the key |
| Key resharing | Refresh key shares while maintaining the same private key (see Key resharing) |
| Key restructuring | Modify quorum participants while preserving the private key (see Key restructuring) |
By combining security, flexibility, and decentralisation, MPC-TSS sets a new standard for private key management. It is an essential approach for organisations that require institutional-grade security while maintaining operational efficiency and control.
Palisade's MPC-TSS implementation ensures:
- Compliance – Meets regulatory requirements for key management
- Auditability – All signing operations are logged and traceable
- Scalability – Supports complex organisational structures
- Resilience – Continues operating even if some participants are unavailable
- MPC terminology – Learn the key terms used in MPC-TSS
- MPC quorums – Create and manage quorums
- Devices – Set up CloudSign and MobileSign devices
- Multi-layer security framework – Understand Palisade's complete security architecture