Skip to main content

Understanding MPC Shares

MPC (Multi-Party Computation) shares are cryptographic key shares that work together to create digital signatures without ever reconstructing the complete private key. Dynamic uses threshold signature schemes (TSS) for secure, distributed signing operations.

Core Concept: Share Coordination, Not Acquisition

Users don’t acquire shares - they use their existing share along with a JWT to authenticate with Dynamic. Dynamic then confirms the user’s identity and coordinates the signing process between the shares using zero knowledge proofs.

How It Works

1. Authentication & Coordination

  • User presents their JWT to Dynamic for authentication
  • Dynamic confirms the user’s identity and retrieves the encrypted server share
  • Both parties coordinate through the MPC relay without sharing sensitive data

2. Zero Knowledge Proof Signing

  • The user’s share and Dynamic’s server share work together
  • Each share contributes to the signature without revealing its contents
  • Zero knowledge proofs ensure no party learns about the other’s share
  • The complete private key is never reconstructed

3. Secure Communication

  • All coordination happens through encrypted channels
  • The MPC relay manages the ceremony without storing sensitive data
  • Each signing operation is isolated and stateless

Share Types

For detailed information about the different types of shares used in MPC, see Share Types in MPC Fundamentals.

Key Benefits

  • No Key Reconstruction: Complete private key never exists
  • Zero Knowledge: Parties prove knowledge without revealing shares
  • Secure Coordination: JWT-based authentication with encrypted communication
  • Stateless Operations: Each signing ceremony is isolated and secure

Summary

MPC shares in Dynamic work through coordinated signing where users authenticate with JWT, then their share and Dynamic’s share coordinate signatures using zero knowledge proofs. This ensures security without ever reconstructing the complete private key, while maintaining user control and providing seamless authentication.
I