Cobo MPC Co-Managed Custody leverages the MPC technology to implement a threshold signature scheme (TSS). Using MPC-TSS technology, private key shares are created simultaneously by each party in a secure environment. These parties can then jointly sign transactions without ever exposing their key shares or materializing a private key at any time.

As the private key that executes transactions never exists or lives in any devices — rather, it is a collectively generated value, the MPC-TSS setup removes any single point of failure, making key theft and internal fraud and collusion more challenging for bad actors. This design ensures no one party can unilaterally move funds. MPC-TSS allows institutions and individuals a more agile and adaptable system, which secures their private keys with greater innovation and lower costs.

TSS Node is a program (which executes algorithms) provided by Cobo for clients to manage their MPC key shares. Clients are recommended to adopt a 3-party custodian solution and a 2/3 signature scheme. Under this scheme, 3 MPC key shares will be generated independently by Cobo, client and the entrusted third party. Each transaction signing will require the participation of at least two parties.

• TSS Node 1: managed by Cobo and must be kept online at all times

• TSS Node 2: managed by a third party entrusted by the client; it will be used for disaster recovery and does not need to be kept online

• TSS Node 3: managed by the client and must be kept online for transaction signing

As shown on the diagram above, Cobo MPC Co-Managed Custody will be integrated into the Cobo Custody platform. The main components in Cobo Custody’s operating environment are：

• Cobo Custody Web: a user interface

• API gateway: API client can be developed for integration with the Cobo MPC Co-Managed Custody APIs

• Risk control: Cobo Custody provides clients with flexible and customizable risk control policies; clients can set up a risk control mechanism based on their business needs

• TSS Node 1: managed by Cobo

The main components in a client’s operating environment are:

• Manual configuration (e.g. adding and changing TSS Node ID)

• API client: used for integration with Cobo MPC Co-Managed Custody APIs

• TSS Node 3: managed by the client and configured on Cobo Custody Web; it will be used for transaction signing and must be kept online

• Callback server: used for risk control implementation; TSS Node 3 will send a callback request to the server every time a client’s MPC key share is used; TSS Node 3 will only execute tasks if the response returned by the callback server is an approval

The main components in a third party's operating environment are:

• TSS Node 2: managed by the third party and configured on Cobo Custody Web; it will be used for disaster recovery and does not need to be kept online

• Callback server: used for risk control implementation; TSS Node 2 will send a callback request to the server every time the third party uses its MPC key share