We are at the beginning of a new decade and there is a lot of excitement in the technology space, due mainly to the emergence of new technologies like blockchain, artificial intelligence (AI), robotic process automation (RPA), and financial instruments and concepts involving digital assets and cryptocurrencies like Bitcoin and Ethereum. In 2019, we saw a race among the leading financial services enterprises, who sought to establish their leadership positions. These enterprises included J.P. Morgan, Bank of New York Mellon and Banco Santander along side newly emerged players like Bakkt and Fidelity Digital Assets focuses only on digital assets.
For most large retail and investment banks, blockchain technology makes sense only when it is applied to a large network and at scale. Logically, we saw the launch of private banking networks like the Interbank Information Network (IIN), which boasts 365 members, and Utility Settlement Coin (USC), whose participants include Credit Suisse, ING and UBS, eventually offering back-end post-trade processing and transaction reconciliation services among banks. However, in this new paradigm of business models, among the main issues that arise from the full embracing of blockchain is the increased need for enhanced data privacy and security, as well as the ensuing questions regarding how this can be achieved in a truly decentralized, safe and compliant way.
Enter multi-party computations (MPCs)
Secure multi-party computations are ways of computing a function, based on a set of inputs by parties who don’t trust each other, without revealing the inputs (i.e., keeping them private). With the media buzz surrounding privacy-related technologies like zero-knowledge proofs, MPCs are filling a niche where the rest are failing. At the end of the day, a zero-knowledge proof is only a special case of two-part computation, where MPCs can scale up to thousands of participants computing a function in minutes, as one of the leading MPC providers, Ligero, has proven. That’s not all. The major benefit of secure MPCs is that they provide correctness, enhanced privacy, independence of inputs, fairness, and guaranteed output delivery.
So, what are the possible use cases for MPCs? Following, I describe several real-world financial services scenarios in which the use of secure multi-party computations provides a solution to existing business and technical pain points.
· In fighting AML fraud in the banking sector, J.P. Morgan Chase could be sharing sensitive information about financial transactions with Deutsche Bank and the 364 other member banks on its own Interbank Information Network. Currently, it is very expensive and difficult for a single bank to identify suspicious transactions and have complete end-to-end visibility, due mainly to data privacy regulations and bank-to-bank competition. However, when private data and transactions are shared between banks as a result of MPCs that reveal the outcome but not the input data, we can have a regulation-compliant and end-to-end auditable solution.
· Large cryptocurrency custodians like Fidelity, Northern Trust, Bank of New York, State Street, and Bakkt can leverage MPCs when providing an evidence for private funds existence without revealing the details and amounts. For example, transactions can be signed by a subset of authorized entities, like three out of five regulators, two out of three customers, and three out of five custodian compliance managers. This, in total, enables eight out of thirteen members, which is enough to complete the signing ceremony.
· BitGo, Coinbase Wallet, and other large cryptocurrency wallet providers can leverage the benefits of MPCs over current cold storage or hardware security modules (HSMs) solutions, as MPCs are safer, faster, and easier to use than current multi-signature wallets. By nature, MPCs are decentralized, so they completely avoid the single point of failure dependency from existing solutions.
· Legacy and digital asset exchanges like the New York Stock Exchange, Nasdaq, Coinbase, and Binance could be sharing KYC data among themselves while safely reporting trading activity and compliance data with external regulators. In particular, the cryptocurrency exchanges could also leverage MPCs instead of cold storage and, thus, provide instant liquidity while increasing their trading volumes and customer satisfaction. Similar technical solutions have become crucial in 2020, when trading fees are trending toward zero.
· New business models can be created by large cloud and infrastructure providers like Amazon Web Services (AWS) and Microsoft Azure, as MPCs can provide Security as a Service and Privacy as a Service models at scale for any niche and vertical.
· Regulators are already warming up to the technology, as evidenced by the fact that multi-party computation-based startups accounted for most of the startup submissions that England’s Financial Conduct Authority (FCA) TechSprint received for fighting AML.
· Multi-party computations can be used in conjunction with machine learning (ML) when one is dealing with large volumes of transactions or KYC data between financial services enterprises, custodians, broker-dealers, and regulators. This way, the use of MPCs could lead to a data-driven and privacy-friendly way of engaging in early-stage detection of fraud, thereby resulting in massive savings.
Overall, the use of secure MPCs could make hardware security modules (HSMs) obsolete, as HSMs can be expensive and slow ways of providing a trusted execution environment. HSMs also present issues with scaling and security. There is also a strong demand from Venture Capital investors in MPC-focused companies and we saw the increase in startups that focus on multi-party computation research and services like the previously mentioned Ligero. Additionally, Curv and Unbound are focused in the same space.
Our first product is an MPC protocol for a setup ceremony (similar to the ZCash and Aztec ceremony) that we built for the VDF Alliance (steered by the Ethereum Foundation) and runs in under 5 minutes up to 1000 parties and 30 minutes for 10000 parties.
Multi-party computations represent a truly exciting technology that will pick up speed in the new decade. They have been a vital part of Hyperledger Avalon, which focuses on off-chain computation, while the other major enterprise blockchain player, R3, is also researching trusted computation in its own project, Conclave. More to that we already have MPCs taking the main stage at cryptocurrency conferences like Real World Crypto 2020 and are excited to see their outcome in real-world financial services scenarios when they are used in large enterprise blockchain enabled models.