MPC (Multi-Party Computation) Custody Technology — BNVDA Encyclopedia

MPC (Multi-Party Computation) Custody Technology

Multi-Party Computation (MPC) is a cryptographic technique used in institutional digital asset custody where private key generation and transaction signing are distributed across multiple independent parties. No single party ever holds the complete private key, and the key material is never reconstructed in a single location at any point during its lifecycle. This approach eliminates the single point of compromise that traditional custody models present, providing institutional-grade security for the digital asset custody market that reached $708 billion in 2025 and is projected to reach $1.6 trillion by 2030.

The Private Key Problem in Digital Asset Custody

Digital assets on blockchain networks are controlled by private keys, cryptographic strings that authorize transactions. Whoever possesses the private key controls the assets. In traditional custody, this creates a fundamental security challenge: the private key must exist somewhere, and wherever it exists, it can be stolen, lost, or misused.

Early custody solutions stored private keys in hardware security modules (HSMs), air-gapped computers, or paper wallets. While these approaches provided physical security, they introduced operational complexity, slow transaction execution, and single points of failure. If the HSM was compromised, all assets were at risk. If the paper wallet was destroyed, assets were permanently lost.

Multi-signature (multi-sig) technology, pioneered by BitGo in 2013, addressed some of these concerns by requiring multiple independent keys to authorize a transaction. Under a 2-of-3 multi-sig scheme, for example, three keys are generated and distributed to different parties, and any two must sign a transaction for it to be valid. This eliminates the single key as a point of failure but introduces its own challenges: key management complexity, on-chain visibility of the multi-sig structure, and blockchain-specific implementation requirements.

How MPC Custody Works

MPC custody takes a fundamentally different approach. Rather than creating multiple complete keys, MPC uses a cryptographic protocol to generate key shares that are distributed across multiple parties. These shares are never combined, and no party ever sees the complete key. When a transaction needs to be signed, the parties engage in a multi-round computation protocol that produces a valid signature without any party revealing their key share to the others.

The process works through a technique called threshold signing. In a 2-of-3 MPC setup, three key shares are generated. Any two share holders can participate in a distributed signing protocol that produces a valid digital signature, but neither participant learns the other’s key share during the process. The resulting signature is indistinguishable from a signature produced by a single key, meaning the blockchain network treats it as a standard transaction.

This architecture provides several advantages over multi-signature schemes. MPC signatures are blockchain-agnostic because they produce standard signatures that work on any blockchain, regardless of whether that blockchain natively supports multi-signature transactions. Multi-sig, by contrast, requires blockchain-specific implementations and is not supported on all chains. MPC also produces smaller on-chain footprints because the signature appears as a single signature rather than a collection of multiple signatures, reducing transaction costs.

Key refresh is another critical MPC capability. The key shares can be periodically refreshed, generating new shares that collectively represent the same underlying key without changing the associated blockchain addresses. This means that even if an attacker compromises one share at a specific point in time, the share becomes useless after the next refresh cycle. Multi-sig keys, once generated, are static and cannot be refreshed without creating new addresses and migrating assets.

Fireblocks and the Institutionalization of MPC

Fireblocks pioneered the application of MPC technology to institutional digital asset custody, building a platform that has secured over $10 trillion in digital asset transactions across 2,000+ organizations. The company’s MPC implementation combines distributed key generation with hardware isolation, creating multiple layers of security that protect against cyber attacks, internal fraud, and human error.

The Fireblocks Trust Company, regulated by the New York State Department of Financial Services (NYDFS), operates as a qualified custodian with MPC as its core security technology. The trust company manages 300+ million wallets across 100+ supported blockchains, demonstrating MPC’s scalability for institutional-scale operations. Notable clients include BNY Mellon, Galaxy, and Revolut.

Fireblocks’ tokenization platform leverages MPC custody to provide end-to-end mint, custody, distribute, and manage capabilities for tokenized assets. Deploy smart contracts across 35+ blockchains with MPC-secured wallets, execute automated lifecycle management from issuance to secondary trading, and maintain real-time monitoring with audited reporting. The platform’s integration with Chainlink for regulated stablecoin issuance demonstrates how MPC custody serves as the security foundation for broader tokenization infrastructure.

In February 2026, Fireblocks integrated secure custody for Canton Coin on the Canton Network, bringing MPC security to the privacy-enabled institutional blockchain used by Goldman Sachs, HSBC, and JPMorgan. A pilot to tokenize U.S. Treasuries on Canton in 2026 further positions MPC custody as the security standard for institutional tokenized asset operations.

Hybrid Approaches: BitGo’s Multi-Sig Plus MPC

BitGo, which custodies $104 billion in digital assets with zero hacking losses over more than a decade, uses a hybrid approach that combines multi-signature and MPC technologies. This hybrid model leverages multi-sig’s proven track record and deep audit backing with MPC’s flexibility and blockchain-agnostic capabilities.

BitGo’s hybrid architecture provides deep asset breadth, supporting approximately 1,500 assets across 60+ blockchains. The multi-sig component provides the on-chain security guarantees that institutional auditors and regulators are familiar with, while the MPC component extends support to blockchains that lack native multi-sig functionality. The company’s $250 million insurance policy covers assets under this hybrid custody model.

BitGo’s January 2026 filing for a $200 million NYSE IPO, with Goldman Sachs and Citigroup as underwriters, marks the first crypto custody firm to go public in 2026. The company’s OCC national bank charter, approved in December 2025, alongside MiCA-compliant licenses in Germany and VASP approvals in Dubai, positions BitGo as a multi-jurisdictional custody provider that leverages hybrid MPC technology.

MPC versus Other Custody Technologies

The custody technology landscape offers several alternatives to MPC, each with distinct trade-offs. Hardware Security Modules (HSMs) provide physical security for key material through tamper-resistant hardware devices. Used by Komainu through its Ledger partnership and by traditional bank custodians, HSMs offer physical security guarantees but require specialized hardware infrastructure and can create operational bottlenecks for high-frequency operations.

Traditional multi-signature wallets remain widely deployed. Their primary advantage is the on-chain verification of the multi-party authorization, which provides transparency that MPC does not offer. However, multi-sig’s blockchain-specific implementation requirements and on-chain cost overhead make it less flexible than MPC for institutions operating across multiple chains.

Shamir’s Secret Sharing (SSS) is sometimes confused with MPC but operates differently. SSS splits a key into shares that must be combined to reconstruct the original key before signing. This reconstruction step creates a vulnerability: at the moment of signing, the complete key exists in a single location. MPC never reconstructs the key, maintaining its security guarantee throughout the signing process.

Institutional Requirements and Compliance

Institutional custody requirements extend beyond key security to include regulatory compliance, operational controls, and governance frameworks. MPC custody platforms must integrate with AML screening, wallet verification, travel rule compliance, and policy engines that enforce institutional governance rules. Fireblocks addresses these requirements through built-in compliance features and a next-generation policy engine for governance.

The regulatory landscape for MPC custody has clarified significantly. The repeal of SAB 121 through SAB 122 removed capital requirements that made crypto custody prohibitively expensive for banks. The GENIUS Act codified federal standards for digital asset safekeeping. OCC charters granted to Anchorage Digital, Fidelity Digital Assets, and BitGo established that crypto-native firms using MPC and related technologies can operate as nationally chartered banks with full fiduciary obligations.

The EU’s MiCA framework requires crypto-asset service providers to meet specific custody standards by mid-2026, creating demand for MPC-based custody solutions that can demonstrate compliance with European regulatory requirements. The convergence of institutional demand, regulatory clarity, and MPC technology maturity positions MPC custody as the institutional standard for tokenized asset markets approaching $26.4 billion in value.

MPC Custody for Tokenized Fund Products

The tokenized money market fund market at $9 billion in TVL requires custody infrastructure that supports the full fund lifecycle. BlackRock’s BUIDL fund, with nearly $3 billion in AUM deployed across eight blockchains, relies on MPC-secured custody through Fireblocks for its tokenization operations while BNY Mellon provides traditional qualified custody for the underlying Treasury assets. This dual-custody model illustrates how MPC technology secures the blockchain layer while traditional bank custody secures the underlying assets.

Franklin Templeton’s BENJI ($1 billion+ AUM), JPMorgan’s MONY ($100 million seed capital), and Ondo’s OUSG each use MPC-based custody infrastructure for their tokenized fund operations. The multi-chain deployment pattern for these products, with BUIDL spanning eight chains and BENJI operating on five, requires MPC custody that can manage key material across multiple blockchain environments simultaneously.

Tokenized bond custody presents additional complexity because bonds have lifecycle events including coupon payments, maturity redemptions, and potential call provisions. MPC custody must support the smart contract interactions required for these events while maintaining the security guarantees that institutional fixed-income investors demand. The HSBC Orion platform’s $3.5 billion in digitally native bonds demonstrates that institutional-grade custody, including MPC-based solutions, can handle the operational complexity of tokenized bond lifecycle management.

Future of MPC in Institutional Finance

The trajectory of MPC custody follows the broader institutionalization of the digital asset market. As the market grows from $26.4 billion toward BCG’s $16 trillion projection by 2030, the custody infrastructure must scale accordingly. MPC’s computational overhead, while minimal for current transaction volumes, will need to demonstrate performance at orders of magnitude greater scale.

The Canton Network’s integration with Fireblocks demonstrates how MPC custody extends to privacy-enabled institutional blockchains. The ECB’s DLT settlement initiative will create additional demand for MPC-secured custody that interfaces with central bank money settlement. Swift’s integration with Chainlink, connecting 11,500 banks to blockchain infrastructure, expands the universe of institutions requiring MPC-grade custody security for tokenized asset operations.

MPC and Compliance Automation

MPC custody platforms integrate with compliance infrastructure to provide automated AML screening, wallet verification, and Travel Rule compliance alongside the cryptographic security of distributed key management. Fireblocks provides built-in AML screening that evaluates the compliance risk of counterparty addresses before authorizing transactions. The Next-Generation Policy Engine enforces institutional governance rules including transaction limits, multi-approval workflows, and time-based restrictions.

This compliance integration means that MPC custody is not solely a security technology but a compliance enforcement mechanism. Institutional policies that would require manual approval processes in traditional custody can be encoded as automated rules in MPC custody platforms, reducing operational risk while maintaining the governance controls that regulators and auditors expect. The combination of cryptographic security through distributed key management and automated compliance through policy engines creates a custody architecture that addresses both the security and regulatory requirements of institutional tokenization.

MPC Custody Market Economics

The economics of MPC custody reflect the broader maturation of the digital asset custody market. Custody fees have compressed as competition between providers intensifies. BitGo, with $104 billion in assets under custody and trailing nine-month revenue of $140 million, generates approximately 13 basis points in annualized revenue on custodied assets. This fee level approaches traditional custody economics, where bank custodians charge 1 to 10 basis points depending on asset class and service level.

The custody market’s growth from $708 billion in 2025 to $1.6 trillion by 2030 creates a commercial opportunity that justifies continued investment in MPC technology development. As tokenized bonds ($10 billion+ issued), money market funds ($9 billion TVL), and real estate ($10 billion+) expand, the volume of assets requiring MPC-grade custody will grow proportionally. The IPO pipeline for custody firms, including BitGo’s $200 million NYSE filing and Anchorage Digital’s speculated offering, will bring MPC custody economics under public market scrutiny, creating transparency around the technology’s cost structure and competitive positioning.

The quantum computing threat to MPC custody architectures represents a long-term technology risk that institutional custodians are beginning to address. Current MPC implementations rely on the computational difficulty of factoring large numbers and solving discrete logarithm problems, both of which quantum computers could theoretically solve efficiently. Post-quantum cryptographic algorithms, including lattice-based and hash-based schemes, are being evaluated for integration into next-generation MPC custody systems. Fireblocks and other leading custody providers are monitoring NIST post-quantum cryptography standards development to ensure that MPC custody architectures can transition to quantum-resistant algorithms before quantum computing capabilities reach the threshold required to threaten current cryptographic protections.

Updated March 2026. For corrections or additions, contact info@bnvda.com. For detailed analysis, see our RWA Markets, Infrastructure, Asset Classes, and Regulation sections.