Unlocking Web3 for the Masses: Private Key Management

To enable the average person to hold cryptoassets, we need private key management solutions that are both easier to use and more secure. The current solutions offer easy-to-use key management but make concessions on security and privacy. Fortunately, new technology will enable private key management solutions that are still seamless but without the drawbacks of legacy solutions.

Legacy Solutions

A handful of private key management solutions have been around for years, including Magic Link, Web3Auth, Venly and Bitski. They allow users to sign in with email or OAuth (e.g. Sign in with Google) and manage private keys for users under the hood. These legacy private key management solutions offer a slick user experience and have helped onboard millions of web3 users.

These offerings do come with tail risk, though. The aforementioned services take advantage of legal gray areas to argue they are non-custodial while being able to access or lose users’ private keys. Legacy private key management services generally work by using a user’s web2 login methods to back up their private key so that on subsequent logins a user can retrieve their backed-up private key. If these services disappear or turn out to be malicious, users will lose all their assets. Yet, they can claim to be non-custodial using the guideline that users can access their private key.

A common-sense, more restrictive guideline is whether someone else has access to the user's private key. Magic Link, Bitski and Venly are all custodial under this classification: there are people at their companies with the ability to access users’ keys. Depending on how decentralized the Torus network, which Web3Auth uses under the hood, actually is, there may be people able to recreate Web3Auth keys as well.

An even better guideline to determine whether a service is custodial or non-custodial is whether someone else can lose the user’s private key. All four key management solutions are custodial under this guideline. For example, if Magic Link, Venly, or Bitski lost access to their AWS account (assuming they all use AWS as their cloud provider), all their users would lose access to their private keys, assuming they did not back them up beforehand (unlikely). As for Web3Auth, if enough Torus nodes go down, all Web3Auth users would lose their private keys (again assuming that users did not back them up beforehand).

State-by-state money transmission guidelines in the United States are generally created to protect consumers. When regulators look at private key management closely, they may consider the aforementioned solutions to be custodial. There’s a risk that companies providing these private key management solutions will be required to be money services businesses in the future and need to implement burdensome know your customer (KYC) processes when onboarding users.

Given risks associated with legacy private key management solutions, they are unlikely to be adopted by crypto-natives who are serious about security and censorship resistance.

New Solutions

There are newer solutions for private key management that look more promising. These solutions combine multi-party computation (MPC) signature schemes with secure enclaves like Intel SGX or AWS Nitro to improve user experience and security for everyday users and crypto-natives alike. Let’s break down MPC and secure enclaves to better understand how they help.

With MPC, a private key is essentially split into multiple shares, and a predefined threshold of those shares must take part in signing a message for the signature to be valid. Imagine a 2-of-3 MPC scheme where:

  • 1 share is on the user’s device,

  • 1 backup share is emailed to the user in case they ever need to recover their key, and

  • 1 share is kept with a trusted third party who can help provide a slick user experience.

With such a scheme, users get a slick user experience and no third party is capable of accessing or losing a user’s keys; the trusted third party only has 1 share which they can’t do anything with on their own.
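To make the 2-of-3 split concrete, here is an added example (not code from the post or from any of the products it names) that models the three holders with Shamir secret sharing over a prime field: any two shares recover the key and any one share alone is consistent with every possible key. Production MPC wallets go a step further and sign with the shares without ever reconstructing the key on one machine; this example only shows the threshold property. The holder names and the test key are constructed for illustration.

```python
import secrets
from itertools import combinations

# Field modulus: the secp256k1 group order, so each share is the size of an ECDSA key.
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HOLDERS = ("device", "email_backup", "third_party")   # the three holders in the post

def split_key(private_key, threshold=2):
    """Split private_key into one share per holder; any `threshold` of them recover it.
    The secret is the constant term of a random degree-(threshold-1) polynomial."""
    coeffs = [private_key] + [secrets.randbelow(Q) for _ in range(threshold - 1)]
    def f(x):
        return sum(c * pow(x, i, Q) for i, c in enumerate(coeffs)) % Q
    # Share x-coordinates 1, 2, 3; x = 0 is the secret itself and is never handed out.
    return {name: (x, f(x)) for x, name in enumerate(HOLDERS, start=1)}

def recover_key(shares):
    """Lagrange-interpolate the polynomial at x = 0 from a list of (x, y) shares."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % Q
                den = den * (xi - xj) % Q
        secret = (secret + yi * num * pow(den, -1, Q)) % Q
    return secret

def recovery_outcomes(private_key):
    """For every subset of holders, report whether the key can be recovered.
    Any two of {device, email backup, third party} suffice; no single holder can."""
    shares = split_key(private_key)
    result = {}
    for size in (1, 2, 3):
        for names in combinations(HOLDERS, size):
            result[names] = recover_key([shares[n] for n in names]) == private_key
    return result
```

The third party's share alone is a random-looking field element: with threshold 2, one point and any candidate secret define a valid line, which is why holding one share gives no information about the key.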

Secure enclaves are isolated compute environments designed to process highly sensitive data like private keys (or private key shares). They support remote attestation, which is a fancy way of saying that people can verify that the enclave is running the software they expect it to. (Remote attestation does require trusting that the server is running a genuine secure enclave in the first place.)

Secure enclaves reduce trust assumptions. Imagine that in the MPC scheme we discussed the trusted third party keeps its share inside a secure enclave. Even if an attacker were able to access 1 of a user’s shares, it’d be nearly impossible for them to also compromise the trusted third party’s share.

In short, MPC removes the central point of failure that exists with legacy key management solutions (i.e. someone else can access or destroy a private key) and secure enclaves help reduce trust assumptions. Some key management solutions to look out for include Turnkey, Capsule, Portal, Utila, and Coinbase's WaaS. As these solutions are proven out, existing wallets will incorporate their tech to increase their security and user experience.

Conclusion

Key management options that are more secure with a great user experience are nearby. In many cases these solutions will be paired with smart contract wallets which we’ll discuss in the next post.

Technical Appendix

Private Keys

Private keys are random values that prove ownership of a public key. In most use cases, a computer generates a random private key and then uses the 3 algorithms provided by a digital signature scheme to work with it:

  1. Get the public key for a given private key. The public key is sometimes the user’s blockchain address.

  2. Sign a piece of data with a private key.

  3. Recover the public key that signed a piece of data.

Multi-party Computation

Multi-party computation (MPC) is a branch of cryptography for doing computation among mutually untrusted parties. In web3 the term MPC is often used synonymously with threshold signature schemes, which are schemes that split a private key among untrusted parties, as we discussed above.

Thank you to Shekar Ramaswamy for the feedback on this post.
