Multi-Party Computation May Hold The Key To Overcoming DeFi’s Persistent Vulnerabilities

FinanceFeeds Editorial Team

Even though the DeFi universe has grown exponentially over the last years, the still-evolving ecosystem has become the breeding ground for malicious actors. On one end, the DeFi market is witnessing an inflow of billions of dollars and helping manifest blockchain’s vision of more democratized and inclusive access to financial services. At the same time, hackers are siphoning off millions in the blink of an eye. This recurring problem needs to stop if DeFi wishes to expand its footprint across the larger market.

Take, for instance, the latest Wormhole network exploit. Hackers exploited the flawed logic in the bridge between Solana and Ethereum blockchains, stealing over $325 million. In general, any transaction triggered through the Wormhole Bridge to Solana requires two things: a valid transaction signature and a “Guardian” approved validation node. Once both conditions are satisfied, the Solana network approves the transaction request. However, in the case of an invalid transaction signature and a valid guardian, the underlying determiners for initiating a transaction don’t match up, leading Solana to deny the mint request.

In Wormhole’s recent exploit, the hacker used an invalid signature and a non-guardian to create two different unapproved conditions. Since the process relies on matching conditions, in this case, a valid signature and guardian, to process transaction requests, the underlying code considered the two “invalid conditions” generated by the hacker as a “match.” As a result, the hacker minted 120,000 wETH, worth around $325 million, on Solana without depositing the corresponding amount of ETH in Wormhole.

For now, the vulnerability has been patched, and the Wormhole management team has reassured users that stolen funds would be returned. However, the team didn’t specify who would provide the funds to backstop the wETH on Solana. 

Multi-Party Computation (MPC) To The Rescue

The Wormhole bridge exploit highlights the growing trend of exploits on cross-chain protocols, raising important questions about the promised security of blockchain networks. While interoperability and cross-chain communication are essential to DeFi, the underlying concept of “validation via signatures” needs a significant overhaul to ward off malicious attempts.

This is where multi-party computation (MPC) comes into the picture. While the core concept of requiring multiple parties or proofs (like signatures) to approve transactions is a common feature used by blockchain wallets, Partisia Blockchain’s MPC technology further diminishes the chances of exploits by distributing signature power to multiple parties. 

Most existing signature-based transaction approvals rely on a single point of trust, but with Partisia’s MPC model, there’s no single point of trust. Instead, the security feature is distributed across the entire Partisia Blockchain, effectively removing problems like a fraud. 

Leveraging the power of ZK (zero-knowledge) computations for on-chain, off-chain, and cross-chain transactions, the MPC model adds privacy and confidentiality with no single point of trust. A subset of the secret keys, but not the entire secret key set, is stored in entirely modifiable endpoints in MPC. These endpoints are used in conjunction to build a consensus, and a minimum number of endpoints must be reached for a transaction to be successful.

According to Kurt Nielsen, the President and Co-founder of Partisia blockchain, “Interoperability via token bridges exhibits immense potential to become a main value creator in the blockchain ecosystem. However, as we saw in the Wormhole exploit, moving tokens outside their established security model poses significant challenges and vulnerabilities. Our answer is more sophisticated, proven audit principles and large-scale MPC security measures.”

He further explains, “First, a regularly expiring Oracle effectively and transparently represents the values across the different blockchains like the double-entry bookkeeping that has proven its worth since the Medici Bank in the 14th century. Second, large scale MPC security measures avoid the accumulation of financial risk across Oracles or epochs. Third, the nodes operating the Oracle in a given epoch provide collateral to back the transferred values and finally, objective imbalances are compensated through a decentralized dispute process.”

The Partisia team is a pioneer in the MPC space, offering commercial-grade MPC software solutions to global enterprises since 2008. It has been involved in bringing the power of MPC to blockchain since 2017, gradually building a privacy-focused solution that ensures DeFi users get access to greater trust and security in moving their assets between individual ecosystems. By merging blockchains and ZK computations in a collaborative fashion, Partisia addresses the privacy and interoperability security issues of on-chain, off-chain, and cross-chain transactions. 

Read this next

Digital Assets

Sam Bankman-Fried might see his 25-year sentence halved

Sam Bankman-Fried, the founder of the failed cryptocurrency exchange FTX, was sentenced to 25 years in federal prison by a Manhattan court on Thursday. This comes after he was convicted of defrauding customers and investors, with Judge Lewis Kaplan highlighting the potential future risks posed by Bankman-Fried.

Technical Analysis

EURJPY Technical Analysis Report 28 March, 2024

EURJPY currency pair under the bearish pressure after the pair reversed down from the major resistance level 164.25, which also stopped the sharp weekly uptrend at the end of last year,

Digital Assets

BlockDAG’s Presale Hits $9.9M, MultiversX & MINA Price Predictions Show Green

Read about BlockDAG’s promising $10 prediction and insights on MultiversX Price Prediction as MINA’s potential unfolds.

Digital Assets

Rockstar Co-Founder and All-star Line Up Join Advisory Board to Take Metacade into Post Beta Orbit

Metacade, the revolutionary Web3 gaming platform, prepares to streak out of beta with a slew of ground-breaking initiatives that will redefine the way blockchain games are developed.

Retail FX

Prop firm The Funded Trader shuts down, claims relaunch in April

Prop trading firm The Funded Trader has ceased all operations, with claims for a relaunch in the near future.

Digital Assets

Ethereum-Based Tokenized Real Estate Platform USP Launches On Republic

How This Californian Startup Is Revolutionizing Real Estate Investment through Ethereum-Based Tokenization.

Digital Assets

Sui Spikes in Weekly DEX Volume, Joins Top 10 of All Blockchains

March DEX volume on Sui stands at over $2.88B – up more than 49% from February – with decentralized exchange Cetus and wholesale liquidity layer DeepBook leading.

Digital Assets

Prisma Finance suffers $10 million crypto exploit, attack ongoing

Liquid staking protocol Prisma Finance fell victim to a security exploit on March 28, resulting in nearly $10 million in Prisma mkUSD and wrapped stETH being stolen by hackers.

Digital Assets

Masa and LayerZero: Bridging Blockchains for Data Sovereignty

Masa Network is poised to revolutionize the personal data landscape with its upcoming launch as a cross-chain platform, making it accessible on a variety of blockchains right from the start.

<