This Crypto Custody Breakthrough Will Bring Banks Closer to Digital Assets

Shard X is claiming to be the first company to successfully run multi-party computation (MPC) on hardware security modules (HSMs).

AccessTimeIconNov 13, 2020 at 3:30 p.m. UTC
Updated May 9, 2023 at 3:13 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

Stealth-mode crypto custody specialist Shard X has claimed a breakthrough, being the first company to successfully run math-heavy, multi-party computation (MPC) on hardware security modules (HSMs).

So why does this alphabet soup of security tech matter? 

  • 'The Voice' Makes Its Way to the Metaverse
    12:43
    'The Voice' Makes Its Way to the Metaverse
  • Staking Has Been a Major Liquidity Sink for ETH: Coinbase Institutional
    00:53
    Staking Has Been a Major Liquidity Sink for ETH: Coinbase Institutional
  • Fantom Token Jumps; Dolce & Gabbana Sued for NFT Deliveries
    01:52
    Fantom Token Jumps; Dolce & Gabbana Sued for NFT Deliveries
  • What's the Key to Winning a Hackathon?
    00:32
    What's the Key to Winning a Hackathon?
  • In summary, HSMs are a battle-tested way to store private keys, particularly popular in consumer products like Ledger and Trezor. MPC, which breaks up cryptographic keys into shards and distributes them, is growing in popularity with custody tech providers like Fireblocks and Curv. But one challenge with MPC has been where to store key shards: The whole process was thought to be too computationally heavy to run on hardware.

    Solving this problem is important because banks, which are gradually edging towards crypto custody, generally like and trust HSMs. So a combination of battle-tested, bank-grade HSMs, combined with cutting-edge MPC is probably the type of tech those institutions will be looking for, says Yaniv Neu-Ner, co-founder and CEO of Shard X. 

    Shard X has successfully run MPC tests with Entrust, a provider of nShield HSMs to major custodians, said Neu-Ner, and is now working on running MPC with a number of firms offering HSMs, such as Utimaco.

    “Our big breakthrough is that we’ve managed to compress and optimize the MPC code so that it can run on bank-grade HSMs, something people in this space never thought was possible,” said Neu-Ner. “Now, you can take an MPC key fragment and store it on an HSM to make sure you don’t get breached.”

    Wallet providers, custodians and exchanges all need bank-grade security for crypto-wallets and to secure and manage multi-million dollar assets across multiple blockchains, said John Grimm, VP strategy and business development at Entrust.

    “ShardX has implemented multi-party computation (MPC) technology on Entrust nShield hardware security modules (HSMs) to ensure the integrity and secure processing of private key fragments that protect the blockchain, offering high assurance secure key management and a secure, safe and simple way to access digital currencies,” said Grimm via email.

    There are a lot of smart people working on MPC, so how did nobody else solve this problem? 

    Neu-Ner said the credit goes to his team, which managed to combine equally strong math and engineering backgrounds, in particular his CTO Nikita Lesnikov.

    “[Lesnikov] is just an exceptional mind,” said Neu-Ner. “He was the one who figured it out. I imagine now that we are announcing it, the competition will start working on the same challenge, and I think they will get there. But it’s a big breakthrough to be first.”

    Shard X likes to take a back seat, licensing its software to custodians. In terms of how this breakthrough is being peer-reviewed, MPC code auditor Trail of Bits has been selected to continually audit the work. 

    For Neu-Ner, a combination of the best of both worlds is an essential step in the evolution of crypto custody

    “As this industry grows, there’s going to be more and more value at stake, and right now we are seeing exchanges getting hacked fairly regularly,” he said. “So I don’t think one technology will be enough. The future I see is that you combine multiple technologies to create the most secure custody solutions.”

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.