Multi-Party Computation May Hold The Key To Overcoming DeFi’s Persistent Vulnerabilities

FinanceFeeds Editorial Team

Even though the DeFi universe has grown exponentially over the last years, the still-evolving ecosystem has become the breeding ground for malicious actors. On one end, the DeFi market is witnessing an inflow of billions of dollars and helping manifest blockchain’s vision of more democratized and inclusive access to financial services. At the same time, hackers are siphoning off millions in the blink of an eye. This recurring problem needs to stop if DeFi wishes to expand its footprint across the larger market.

Take, for instance, the latest Wormhole network exploit. Hackers exploited the flawed logic in the bridge between Solana and Ethereum blockchains, stealing over $325 million. In general, any transaction triggered through the Wormhole Bridge to Solana requires two things: a valid transaction signature and a “Guardian” approved validation node. Once both conditions are satisfied, the Solana network approves the transaction request. However, in the case of an invalid transaction signature and a valid guardian, the underlying determiners for initiating a transaction don’t match up, leading Solana to deny the mint request.

In Wormhole’s recent exploit, the hacker used an invalid signature and a non-guardian to create two different unapproved conditions. Since the process relies on matching conditions, in this case, a valid signature and guardian, to process transaction requests, the underlying code considered the two “invalid conditions” generated by the hacker as a “match.” As a result, the hacker minted 120,000 wETH, worth around $325 million, on Solana without depositing the corresponding amount of ETH in Wormhole.

For now, the vulnerability has been patched, and the Wormhole management team has reassured users that stolen funds would be returned. However, the team didn’t specify who would provide the funds to backstop the wETH on Solana. 

Multi-Party Computation (MPC) To The Rescue

The Wormhole bridge exploit highlights the growing trend of exploits on cross-chain protocols, raising important questions about the promised security of blockchain networks. While interoperability and cross-chain communication are essential to DeFi, the underlying concept of “validation via signatures” needs a significant overhaul to ward off malicious attempts.

This is where multi-party computation (MPC) comes into the picture. While the core concept of requiring multiple parties or proofs (like signatures) to approve transactions is a common feature used by blockchain wallets, Partisia Blockchain’s MPC technology further diminishes the chances of exploits by distributing signature power to multiple parties. 

Most existing signature-based transaction approvals rely on a single point of trust, but with Partisia’s MPC model, there’s no single point of trust. Instead, the security feature is distributed across the entire Partisia Blockchain, effectively removing problems like a fraud. 

Leveraging the power of ZK (zero-knowledge) computations for on-chain, off-chain, and cross-chain transactions, the MPC model adds privacy and confidentiality with no single point of trust. A subset of the secret keys, but not the entire secret key set, is stored in entirely modifiable endpoints in MPC. These endpoints are used in conjunction to build a consensus, and a minimum number of endpoints must be reached for a transaction to be successful.

According to Kurt Nielsen, the President and Co-founder of Partisia blockchain, “Interoperability via token bridges exhibits immense potential to become a main value creator in the blockchain ecosystem. However, as we saw in the Wormhole exploit, moving tokens outside their established security model poses significant challenges and vulnerabilities. Our answer is more sophisticated, proven audit principles and large-scale MPC security measures.”

He further explains, “First, a regularly expiring Oracle effectively and transparently represents the values across the different blockchains like the double-entry bookkeeping that has proven its worth since the Medici Bank in the 14th century. Second, large scale MPC security measures avoid the accumulation of financial risk across Oracles or epochs. Third, the nodes operating the Oracle in a given epoch provide collateral to back the transferred values and finally, objective imbalances are compensated through a decentralized dispute process.”

The Partisia team is a pioneer in the MPC space, offering commercial-grade MPC software solutions to global enterprises since 2008. It has been involved in bringing the power of MPC to blockchain since 2017, gradually building a privacy-focused solution that ensures DeFi users get access to greater trust and security in moving their assets between individual ecosystems. By merging blockchains and ZK computations in a collaborative fashion, Partisia addresses the privacy and interoperability security issues of on-chain, off-chain, and cross-chain transactions. 

Read this next

blockdag

BlockDAG Redefines Crypto Mining as Presale Tops $18.5M, Outshining Ethereum ETF & Dogecoin Dynamics

The recent approval of the first Ethereum ETF in Hong Kong underscores a significant advancement in the cryptocurrency’s mainstream acceptance. While Ethereum continues to attract institutional attention, the Dogecoin price prediction suggests a possible resurgence, despite its current undervaluation from past highs.

Digital Assets

Bitcoin halving is done: ViaBTC mines historic block 840K

The Bitcoin network has confirmed its fourth-ever halving block, mined by the cryptocurrency pool ViaBTC, according to data from Blockchain.com. This significant event in the Bitcoin ecosystem reduced the mining reward by half, a deflationary measure occurring approximately every four years to control the issuance of new bitcoins and curb inflation.

Retail FX

True Forex Funds now offers Match-Trader and cTrader platforms

Proprietary trading firm True Forex Funds today announced the launch of Match-Trader, a multi-asset trading platform developed by California-based FX technology provider Match-Trade Technologies.

Retail FX

CySEC hits FXORO parent with €360,000 fine

The Cyprus Securities and Exchange Commission (CySEC) has fined MCA Intelifunds, trading as FXORO, a total of €360,000 for multiple violations of the Cypriot investment laws.  

Digital Assets

Binance’s CZ in good mood ahead of sentencing, says partner

Yi He, co-founder of cryptocurrency giant Binance, has shared a positive outlook on the legal situation of the exchange’s former CEO, Changpeng Zhao. Zhao is currently awaiting a sentencing hearing scheduled for April 30 in the United States.

Fundamental Analysis, Tech and Fundamental

Global FX Market Summary: USD, FED, Middle East Tensions April 17 ,2024

The Federal Reserve walks a delicate line, addressing high inflation through a hawkish stance while avoiding stifling economic growth.

blockdag

‘Kaspa Killer’ BlockDAG Goes To The Moon With $18.5M Presale, Draws Attention from AVAX and Kaspa Investors

Discover how ‘Kaspa Killer’ BlockDAG’s $18.5M presale and 400% surge positions it as the fastest-growing crypto, amidst AVAX’s anticipated market rally and Kaspa’s performance gains.

Tech and Fundamental, Technical Analysis

Bitcoin Technical Analysis Report 19 April, 2024

Bitcoin cryptocurrency can be expected to rise further toward the next resistance level 67000.00, top of the previous minor correction ii.

Digital Assets

Crypto.com denies setback in South Korean market entry

Crypto.com has refuted reports from South Korean media that suggested a regulatory hurdle might delay its expansion in South Korea.

<