Hardware Security Modules Vs. Secure Multi-party Computation in Digital Asset Custody: the Drawback of Choosing Just One and What Happens When You Combine Them
October 13, 2021
Written by:
Juergen Eckel
Reading Time:

The most critical component in a digital assets system is the wallet. The wallet holds the private keys required to access and manage digital assets, and has three main responsibilities towards various user groups:

  • creating and safekeeping digital assets for drawing transactions,
  • storing a history of relevant transactions, and
  • generating and forwarding transactions to the respective currency network(s).

Various wallet solutions are on the market today, and each one has its own advantages and disadvantages. When it comes to wallets that are specifically designed for institutional use, they can be divided into two camps: those using secure multi-party computation (MPC) and those using hardware secure modules (HSMs). We believe that, while both have unique and relevant strengths, solutions of the future should cleverly combine both techniques. Here is why.


Non-institutional, individual, digital asset traders who do not trade via exchange platforms often rely on so-called hardware wallets. These hardware wallets (specialised USB dongles) are responsible for performing the required key generation, management and signing of transactions.

With hardware wallets, a trader can execute dozens of transactions per day with all the necessary security and reliability added. Yet, hardware wallets existing on today’s market do not support automatic trading and rely on human operations. And human operations are prone to error.

Digital exchanges often make use of the same wallet programs to manage their customer's/user's assets. The daily volume of digital currency transactions varies. These volumes can be very low for some exchanges, while others deal with medium to high transaction volumes. To provide more accessibility and liquidity, exchanges often centralise customer's assets in so-called hot wallets, from which all transactions either originate or depart. The advantage of these systems is that thousands of transactions per day can be carried out in dozens of digital currencies. This can be done in either an automated or, if necessary (depending on the total value of the transaction), a manual setup.

However, the disadvantage of these systems is a lack of security and transparency. Most major digital exchange breaches have been hot wallet breaches. In addition, the administration of digital currencies via classic databases and hot wallets also lacks regulatory suitability. The actual change of ownership is not documented in the Blockchain. Instead, it is stored and managed in classical databases by the exchanges for as long as the assets remain in custody.

If cold storage has operational vulnerabilities and a hot wallet comes with security flaws, then what should institutional grade custodians do to modernize their approach to custody? Lately, different technologies have been implemented to fulfill requirements for institutional grade, audited and highly secure digital asset platforms. A growing number of custodians are turning to hardware security modules (HSMs) as part of their security architecture and techniques such as secure multi-party computation (MPC).


A hardware security module is a tamper-resistant physical device that is isolated from external systems and used to generate and secure digital keys. HSMs are bank-proof, can secure authentication, encryption, and transaction signing and handle a large number of transactions at high speed.

Still, HSMs require physical access for deployment, maintenance and configuration. They do not support complex business logics, cannot secure cloud applications or scale without additional hardware. A single module can protect only a limited number of keys and deployment cannot be automated. HSMs can be used to achieve the necessary transaction throughput with thousands of signatures. But when it comes to being “compliant” with the requirements of the established financial industry and its regulators, using only HSMs is not sufficient. In addition, an HSM centralizes keys, which always adds a security risk. As such, HSMs are most suitable for high volume, low value transactions in traditional industries.

Independent systems are needed to ensure the ability to flexibly derive key addresses and to generate key pairs for the respective token. Being data compliant requires the anonymized linking of generated keys and key addresses to classic customer bank accounts, which an HSM is not capable of doing. All these “non-HSM” driven functions require another approach and technology.


Secure multi-party computation (MPC) is a subfield of cryptography that lets parties (or devices) cooperatively compute a function over their data without revealing it. The potential applications for MPC are huge, from data analytics, auction bidding and electronic voting to privacy preserving, data mining and key management.

When it comes to key management, the technology has clear benefits, such as:

  • eliminating the need for trusted third parties to keep data safe,
  • allowing users to keep data within their internal firewalls,
  • alleviating users from having to compromise between data usability and data privacy/security, and
  • meeting regulatory compliance requirements for cross-border transfers.

With MPC, participants in the process have no information beyond what is required to execute their individual function, and keys can only be compromised if all machines are breached simultaneously. Applied to key management, MPC allows the use of cryptographic keys without ever having them in a single place, thereby eliminating the key as a single point of failure. By distributing keys without sharing any sensitive information among the parties, the transaction is partially signed. The parties know their output and nothing else.

Moreover, MPC-based key management solutions enable access to real-time tamper-proof audit logs, support flexible advanced authorization schemes and can run in any environment.

Yet, MPC also has its disadvantages. For starters, it lacks scalability. When real-time performance is required, MPC is not sufficiently practical. In case an increasing number of parties is required to sign a transaction, the computation becomes too complex and slow. For this reason, secure multi-party computation is most appropriate for highly confidential transactions with low volume and (probably) high value.


There are two possible scenarios when combining these powerful mechanisms:

1. A solution that is flexible enough to allow switching of signing mechanisms according to the necessary requirements and use cases; or

2. A solution that combines the security strengths of MPC with the speed of HSMs.

However, either of these scenarios requires business logic to identify appropriate use cases, coordination to execute correct signing processes and confidential computing to protect sensitive information.

At RIDDLE&CODE, we have developed our own solution to enable this combination of signing techniques and have added the required orchestration and confidentiality. We named it the Policy Gateway. The Policy Gateway adds the flexibility of a custom business logic to the security of hardware. All operations are performed within the Trusted Execution Environment (TEE), which provides hardware-enforced code and data-in-use isolation.

The Policy Gateway performs and logs all processes preceding and following transaction authentication, achieving:

1. Full transparency and traceability of customers’ segregated digital token accounts;

2. The possibility to reconcile accounts per customer, per token, etc.;

3. Regulatory criteria for transparency and compliance with “know your coin” (KYC) and “anti-money laundering” (AML) regulations;

4. Compliance with financial and crime regulations by ensuring that digital currency accounts have historically never been part of criminal transactions (blacklisting and token forensics);

5. Guaranteed compliance with the frameworks for the digital trade of token units and

6. Complete recording of all initiated and successfully processed transactions, the persons carrying them out, the place and time, the amount, the fees, and the accounts involved for the purpose of logging, tracking, tracing, and real-time auditing.

By enhancing HSMs with secure multi-party computation, our solution is capable of orchestrating the best functionalities of the two mechanisms.

Related Articles
No items found.
Article headline