Bitizen: The Leader of the MPC Wallet in the To C Track

Author: 0xCene

With the development of the decentralized world (the rise of emerging sectors such as DeFi, NFT, GameFi, etc.), users are increasingly frequent in using crypto accounts, and non-custodial wallets represented by MetaMask are gradually becoming popular due to their convenience and ease of use. However, we also see that these types of non-custodial hot wallets have risk points in key generation (creating cryptographic keys), key storage (protecting static keys), and key usage (interacting with various applications using key authorization). Especially when users access risky websites or interact with risky contracts through hot wallets, there is a high likelihood of asset security risks.

At its core, the control of a blockchain account is determined by a single private key (after more than a decade of development, the basic form of crypto accounts has not fundamentally changed). Although this seems to align with the ideology of decentralization, it indeed presents a mechanism flaw in terms of security, as the loss or leakage of the private key can lead to irreversible asset loss.

Industry Attempts to Improve Crypto Account Security

In the early days of the industry, "cold storage" of crypto assets, which isolates them from the internet, was considered one of the safest methods. Under the same conditions, cold wallets (offline software and offline hardware) are generally regarded as more secure than hot wallets, as cold wallets are not connected to any internal or public networks.

Cold wallets ensure absolute asset security by being isolated from the outside world, but we also see that these wallets have a high usability threshold, suitable only for a few people and specific scenarios. Meanwhile, cold wallets still store private keys in a single point, which does not prevent the possibility of key leakage when users use cold wallets.

To address the single-point risk issue of crypto accounts, there are currently two common solutions in the industry: one is multi-signature, and the other is a more optimal key management solution based on MPC (Multi-Party Computation).

Multi-Signature and MPC

1. Multi-Signature

The characteristic of multi-signature is that it is usually based on scripts or smart contracts to set the rules for signing (usually the number of authorized signers). For example, if three authorized parties jointly sign based on a signing algorithm and pass it to a smart contract, a transaction can be completed. Multi-signature is expected to further reduce asset security risks caused by single-point vulnerabilities and increase security. Multi-signatures typically occur on-chain and can decouple to a certain extent from the underlying signing algorithms.

Problems with Multi-Signature:

• Building multi-signatures requires adaptation to different chains, especially for chains that do not support smart contracts (or most of them do not support smart contracts), making it more challenging to construct multi-signatures, with poor multi-chain adaptability.
• Multi-signature wallets expose the number and potential relationships between signers, making it easier to trace their identities, and multi-signature contracts are on-chain.
• Developers of multi-signature wallets find it difficult to securely add new protocols, cannot change the number or members of the signing group, and must transfer funds from addresses to new multi-signature wallets to accommodate changes in group structure.
• Multi-signature transactions also require each signer to pay gas fees, adding extra costs for each party to complete a transaction, making it unsuitable for ordinary users, thus lacking widespread applicability and flexibility.

In contrast, MPC-based key management solutions have more significant advantages over multi-signature solutions.

2. MPC

Essentially, MPC is a cryptographic collaborative computing framework, broadly understood as multiple parties having private inputs to complete a computational task together while ensuring that their private inputs do not leak throughout the process, which occurs off-chain.

When a wallet is jointly created by multiple parties, the private key generated by the wallet will be divided into several fragments in some way and distributed among the parties. Based on the threshold signature algorithm of MPC itself, a valid signature can be generated without revealing the complete private key.

Advantages of MPC Technology:

• Private keys are managed through off-chain multi-party fragmented encryption, preventing single-point vulnerabilities.
• By generating signatures based on algorithms off-chain, it is more secure without needing to adapt to the underlying blockchain (providing broad applicability).
• Does not expose signing relationships.
• Design strategies can be more flexible (most processes are off-chain), allowing users to formulate their own fragment management strategies based on scenarios.
• Can easily change the number of Key Shares while keeping the receiving address unchanged (MPC can continuously refresh internally), further increasing security thresholds and reducing security risks.
• Physically separates the keys from the system, meaning that the true private key never appears throughout the entire key management lifecycle (MPC wallets typically "do not generate" private keys on the user side).
• Based on MPC, wallet products are expected to achieve a high-quality experience similar to Web2 products.

We see that MPC-based threshold signature solutions for constructing crypto wallets offer greater applicability, security, and flexibility.

Currently, the MPC wallet sector is becoming a new favorite in the crypto wallet field, and Bitizen is leading the new trend in this sector.

Bitizen: A New Form of Web3 Wallet

Bitizen is a Web3 crypto wallet built on the MPC solution, primarily using TSS (Threshold Signature Scheme) technology to construct multi-party computing key generation protocols (also known as distributed key generation) and MPC signature generation protocols, maximizing the advantages of the MPC technology solution. At the same time, Bitizen has established a unique mechanism that allows it to demonstrate certain advantages in security, ease of use, censorship resistance, privacy security, and multi-chain compatibility.

• Security and Censorship Resistance

Bitizen, based on MPC and MFA (Multi-Factor Authentication) technology solutions, eliminates the physical presence of private keys and mnemonic phrases, freeing ordinary users from the security anxiety of managing private keys and mnemonic phrases, allowing them to enjoy extreme security at zero cost. By creating wallets and generating signatures through MPC, there will never be a complete private key in any scenario, replacing all critical vulnerabilities of traditional hot and cold wallets and eliminating single points of failure.

During the account creation phase, Bitizen divides the private key into three independent key fragments based on MPC, with generation locations including the user's mobile phone, Bitizen's server, and the user's auxiliary devices such as computers, iPads, or a second mobile phone. When using the Bitizen wallet, users can choose whether to co-sign with the Bitizen server or connect their second device and co-sign a transaction based on a two-thirds threshold signing scheme (TSS).

This means that users do not need to overly rely on the Bitizen server as a signing partner. When issues arise with the Bitizen server, users can directly verify signatures through their two local devices. The Bitizen server merely acts as one optional collaborative node, and users can operate completely independently of the Bitizen server or any other third party (non-custodial), remaining uncensored and with a higher fault tolerance.

Currently, crypto wallets with MPC as a primary feature, such as ZenGo, still overly rely on servers. Users must connect to the ZenGo server and request its permission to use the joint computation of keys between the user and ZenGo to sign. ZenGo cannot access user funds, but without ZenGo's key sharing, users cannot sign their transactions.

Although ZenGo and Bitizen share similarities from the perspective of the MPC solution and both possess high security, ZenGo's semi-custodial nature presents certain risks, such as regulatory scrutiny from a regulatory body on a specific account at ZenGo, or the loss of ZenGo server data and refusal to approve user transaction signature requests, which could lead to transaction failures for users. From this perspective, Bitizen is considered to have certain advancements.

• Ease of Use and Multi-Chain Adaptability

Unlike the currently popular ordinary multi-chain wallets, users do not need to back up private keys, mnemonic phrases, etc., when creating crypto accounts with Bitizen. Web2 users can create wallets with a low threshold, aligning with the usage habits and logic of Web2 products, with the entire process from account generation to setup taking no more than one minute.

Bitizen supports 3FA security authentication. After installing the Bitizen application on their mobile phones, users only need to scan their faces for biometric authentication, add their email, and personal cloud storage such as iCloud, Google Drive, or Dropbox. If any level of 3FA is unavailable, the Bitizen wallet can quickly restore access through other additional options.

Currently, most non-custodial wallets still require manual backup of private keys, mnemonic phrases, etc. When devices are reset or private keys are lost, there is no recovery mechanism. Bitizen can help users recover through biometric features, cloud backups, and email.

Bitizen also supports all mainstream blockchains and tokens, including NFTs (ERC-721, ERC-1155, etc.), DIDs, and SBTs, making it an all-in-one Web3 wallet that can seamlessly interact with all DApps on the market through its built-in Web3 browser or WalletConnect, achieving all the functionalities of traditional non-custodial multi-chain wallets.

• Privacy and Security

As a decentralized MPC crypto wallet, Bitizen does not require KYC from users to prevent security risks from the Bitizen server that could lead to user privacy leakage.

At the same time, Bitizen further encrypts and desensitizes all user data, including biometric features during user backups and preference settings generated within the wallet, which will be stored in an encrypted manner. Only the user can decrypt and view this data locally on their phone, while other parties (including Bitizen's development team) cannot view, copy, or transmit user information. This allows users to use the Bitizen wallet with a high sense of security, without worrying about their wallet data being known by anyone.

Currently, Bitizen also provides developers with an SDK development toolkit, allowing more applications in GameFi/NFT, etc., to significantly improve the conversion rate when promoting Web3 applications to Web2 users through integration with Bitizen, potentially driving the Web3 ecosystem to the next level of development.

Bitizen: The Leader in the MPC Wallet To C Sector

From an industry perspective, the MPC technology solution is gaining high recognition in the crypto industry and is also seen as a new trend in the development of crypto wallets. However, from another perspective, although many Web3 wallet developers targeting C-end users are trying to develop in the MPC field, there are very few MPC wallet products that truly leverage the advantages of MPC technology and have complete, mature, and usable functions. This also means that the application of MPC technology in the crypto industry is still in its early stages.

Through the experience of the Bitizen product, we see that Bitizen's MPC wallet is already a relatively mature product, not only aligning with the usage habits of crypto users and traditional Web2 users but also achieving a qualitative leap in security for Web3 wallets based on MPC. As a Web3 ecosystem that places great emphasis on security, Bitizen has already partnered with authoritative security audit institutions in the Web3 industry and has completely opened the Bitizen source code for comprehensive security audits, with a security audit report to be provided soon.

While the vast majority of the MPC ecosystem is still in its "infancy," Bitizen's product has already demonstrated market capabilities and can essentially replace any existing type of wallet product in users' hands. This means that Bitizen is becoming the most mature solution with the most complete technical system in the MPC wallet sector, providing a certain reference significance for the development of the MPC wallet sector.

Conclusion

The design of the blockchain account system makes the private key the only element for obtaining control over crypto accounts. This mechanism design is unreasonable and limits the development of the crypto world. We see that the new crypto account system based on the MPC solution is reshaping the original crypto account system and further raising the ceiling of crypto asset security.

As a representative product in the To C MPC wallet sector, Bitizen maximizes the advantages of the MPC technology solution and excels in security, ease of use, censorship resistance, privacy security, and ecological compatibility. Bitizen not only builds a new order of Web3 asset security but is also driving the development of the Web3 world in a new transformative way.