Definition
An MPC wallet uses multi-party computation (MPC) to replace a single private key with distributed cryptographic control. Authority is divided into several encrypted key shares held by different parties or devices. To authorize a transaction, a threshold of those shares run a protocol that jointly computes one signature. The full private key is never created, stored, or exposed at any single point.
No seed phrase to steal
Because the key is never assembled, there is no single seed phrase sitting on any one device for an attacker to capture. This is the defining advantage MPC custody markets to institutions: compromising one share, one server, or one operator is insufficient to move funds. Shares can also be refreshed periodically, so an attacker who steals an old share finds it worthless after the next refresh.
How it relates to other schemes
MPC wallets are typically built on threshold ECDSA or threshold EdDSA. Unlike Shamir's Secret Sharing, MPC shares are not pieces of a key waiting to be glued back together; they cooperate to produce signatures without reconstruction. And unlike on-chain multisig, the resulting signature looks like an ordinary single-key signature, which aids privacy but removes the independent, on-chain auditability that script-based multisig provides.
A sovereignty caveat
Most MPC wallets in the wild are operated by custodians or vendors who hold one or more shares and run proprietary signing software. That can reintroduce counterparty trust, the very thing self-custody exists to eliminate. Evaluate carefully whether an MPC product leaves you in genuine sole control or simply repackages a third party into the signing path.
