Traditional software-as-a-service-based multi-party computation custodians are often seen as the “convenient” solution in the crypto universe, managing a staggering portion of decentralized assets. But the reality is that the convenience quickly wears off, revealing a host of limitations, unexpected risks, and challenges as you dive deeper into the technological aspects of protecting digital currency. 

Regardless of your decentralization versus centralization stance, it is essential to recognize that the appearance of private key control can be skewered by a lack of control in policy governance and infrastructure you do not run yourself.

The rise and risks of SaaS-based MPC wallets 

The emergence of SaaS-based MPC wallets has significantly impacted the crypto landscape, allowing businesses to manage digital assets with convenience and perceived security. These wallets are typically provided by tech companies that are currently positioning themselves more and more as non-custodial service providers. However, despite this label, these solutions still require users to trust a centralized party to coordinate signing and key generation securely, placing them high on the custody spectrum in terms of control over assets. 

This reliance on a centralized service provider creates a situation where control and security are not entirely in the hands of the institution using the service. While these tech providers do not operate as traditional third-party custodians, such as BitGo or Anchorage—highly regulated and offer fully managed custodial services—they still introduce a central point of control and potential vulnerability. As used by both SaaS-based providers and traditional custodians, MPC technology involves splitting cryptographic keys required for transactions into multiple parts distributed among various parties to enhance security. 

However, in the case of SaaS-based solutions, the centralization of these services within a few dominant players introduces new risks. One of them is that these providers become attractive targets for hackers due to their significant control over many clients’ assets, creating a vulnerability similar to that of centralized exchanges. Two, the concentration of control in these SaaS-based models not only increases security risks but indirectly limits the autonomy of crypto businesses.

By relying on an external provider to manage critical aspects of digital asset security, institutions may find themselves constrained in managing policies, procedures, and the overall governance of their assets. This centralization stands in contrast to the decentralized ethos of the crypto industry, where individual sovereignty over digital assets is paramount.

The challenges of dependency and trust in MPC custodians 

While MPC wallets often claim to be non-custodial because the institution holds part of the key, the reality is far more complex: the heavy dependency on third-party vendors for day-to-day operations, security, and service availability introduces significant risks. Despite the customer institution holding a key share, all other components affecting the use or potential misuse of key shares remain under the vendor’s control. This setup creates vulnerabilities around key signing integrity but, even more importantly, introduces friction into the customer experience, an operational risk that should be accounted for.  For instance, any policy change can take up to a few weeks if it is not prioritized by the vendor, posing significant delays and operational inefficiencies​.

Analyze this potential impact further. MPC wallets can have longer transaction times, and their reliance on vendors for routine account changes and maintenance can be problematic. If a team member leaves, revoking their access is done at the vendor’s tempo. It can take considerable time, resulting in a period where the security of assets may be compromised. Additionally, service downtimes for maintenance during business hours can disrupt operations. Plus, in disaster scenarios, asset recovery can take up to 48 hours—a period that is far too long for any organization dealing with high-value transactions. These operational dependencies can be highly inconvenient. Ultimately, they pose security risks that contradict what decentralization stands for—namely, running your own wallet infrastructure.

For regulated financial institutions or firms with stringent security requirements, these dependencies are deal-breakers. That’s because the operational risks and costs associated with relying on third-party MPC wallet solutions are often unacceptable to internal risk teams. These teams are unable to get comfortable with the inherent uncertainties and potential for delayed response times that these products entail. Consequently, many MPC wallet solutions fail to pass the rigorous scrutiny of risk assessments, preventing them from being adopted by institutions that require the highest levels of security and operational control​.

A new paradigm for crypto custody

If the incumbent SaaS solutions represent the ‘trust us’ model, the ideal solution should transition towards a ‘trust but verify’ approach and, ultimately, a ‘never trust, always verify’ model. This shift empowers customers to partially or fully host the software, granting them control and ownership of critical IT infrastructure. By eliminating the opaque operations inherent in black box SaaS solutions, institutions not only mitigate operational risks hidden in the friction of operating in a third party’s sandbox but also enable more agile and flexible infrastructure management.

This enhanced control supports better risk management and allows institutions to adapt quickly to market demands, ultimately driving revenue growth and positively impacting the bottom line.

A practical solution integrates critical management and policy controls into a comprehensive platform, allowing institutions to manage their digital assets within a zero-trust security framework. This architecture continuously validates every interaction, eliminating implicit trust and enhancing security. By adopting a service-oriented architecture, institutions can tailor the system to their unique requirements, ensuring scalability, high performance, and robust security. 

Current market offerings, which rely entirely on SaaS-based MPC wallets, place undue trust in vendors who control all components, including cryptographic processes, keys, policies, and transaction data. By moving towards solutions that enable institutions to own and control critical parts of their digital asset infrastructure, the industry can mitigate risks and reduce vulnerabilities while operating more closely to the principles of decentralization. Such a transformation is essential for fostering trust and security in the rapidly evolving crypto landscape​.

Now is the time for institutions to take control of their policies. By adopting models that provide partial or complete control over key management and policy enforcement, institutions can better align with the correct treatment and oversight of service providers or outsourcing arrangements. This paradigm shift is essential for the industry’s future, and it’s something that is poised to safeguard crypto’s core values while paving the way for continued innovation and trust.

Haden Patrick

Haden Patrick is the director of business operations of Cordial Systems, a provider of institutional-grade self-custody software using a zero-trust security model.  Haden has executive experience in team leadership, engineering, and education originating from his 24-year career as a Naval Officer. After co-founding SoloKeys, the first open-source security key company, he managed projects connecting web3 to traditional finance at a cryptocurrency trading firm before joining Cordial Systems.