What is MPC custody?

A technical explainer for agent wallet builders

How Multi-Party Computation splits private keys across parties to reduce single points of failure in autonomous agent systems.

Definition

MPC (Multi-Party Computation) custody is a cryptographic approach to digital asset storage where a private key is mathematically divided into multiple shares. These shares are distributed among separate parties or devices. No single party ever possesses the complete key, and a predefined threshold of shares must cooperate to produce a valid blockchain signature. This architecture eliminates the concentration of risk at any single location while maintaining compatibility with standard blockchain signature verification.

How it works

The process begins with distributed key generation. Multiple participants jointly create the key shares through an interactive protocol. At no point does anyone see the full private key or another participant's share. The shares are typically generated using protocols based on Shamir's Secret Sharing or more advanced threshold signature schemes such as GG20, GG21, or CMP.

When a transaction needs to be signed, the required number of share holders—meeting the threshold—participate in a multi-round protocol. Each party contributes partial computations using their share. These partial results are combined to produce a single standard signature that is indistinguishable on-chain from a signature created with a conventional private key. The blockchain requires no special support; it verifies the signature normally.

The separation of shares provides containment if one party is compromised. An attacker who obtains a single share cannot sign transactions or reconstruct the key. For autonomous agents, this means that compromising the agent's runtime environment does not automatically grant control of funds. The agent typically holds one share, while the provider, a hardware security module, or the end user holds others. The blast radius of a breach is limited to the operations requiring that specific share, not full asset control.

Examples on agentwallet.md

Several products in the agentwallet.md directory use MPC custody. These implementations vary in threshold configuration, share distribution, and which party controls what:

Turnkey

Infrastructure for programmatic key management with MPC-based signing. Designed for developers building automated workflows and agent systems.

Coinbase AgentKit

Open-source toolkit for building AI agents with crypto capabilities. Uses MPC custody as part of its wallet architecture. Supports Base, Ethereum, Polygon, Arbitrum, and Solana.

Circle Programmable Wallets

MPC-based wallets optimized for USDC operations across Ethereum, Polygon, Solana, and Avalanche. Closed-source infrastructure with API access.

Privy Server Wallets

Headless server-side wallets using MPC for agents that operate without user interface. Supports Ethereum, Polygon, Base, and Arbitrum.

Crossmint

Compliance-focused MPC wallets with KYC integration and fiat on-ramp. Targets agents requiring regulatory alignment.

Frequently asked questions

What does MPC stand for in crypto custody?

MPC stands for Multi-Party Computation. It is a cryptographic technique that allows multiple parties to jointly perform computations on their private data without revealing that data to each other. In crypto custody, MPC is used to split a private key into multiple shares distributed across different parties or devices, so no single location holds the complete key.

Is MPC custody safer than holding a full private key?

MPC custody reduces certain risks compared to single-key storage. Because the private key is never assembled in one place, there is no single point of failure from key theft. However, MPC introduces complexity in key generation, share management, and recovery procedures. The security depends on implementation quality, the threshold configuration, and how shares are protected.

What is a threshold signature in MPC?

A threshold signature scheme is a specific type of MPC where a subset of key shares—called the threshold—must participate to produce a valid signature. For example, a 2-of-3 setup requires any two shares to sign. The blockchain sees a standard signature; the distributed computation happens off-chain. This differs from multi-signature on-chain contracts, which are visible on the blockchain.

Can an AI agent use MPC custody?

Yes. Several agent wallet providers listed on agentwallet.md use MPC custody specifically for autonomous agents. The agent may hold one key share while the provider or a hardware security module holds others. This limits the damage if the agent's environment is compromised, since the attacker would need additional shares to move funds. Examples include Turnkey, Coinbase AgentKit, and Privy Server Wallets.

What are the alternatives to MPC custody for agents?

Alternatives include: smart account custody, where programmable on-chain contracts control access with features like session keys and recovery; and custodial arrangements, where a third party holds the full private key and the agent operates through API permissions. Each model trades off autonomy, recoverability, and attack surface differently.