💼
Cobo MPC Co-Managed Custody
English
English
  • Cobo MPC Co-Managed Custody
    • MPC-TSS Technology
    • Quick Start Guide
      • Cobo Custody
        • Manage Account
          • Team (Only Visible to Admins)
          • Me (Team Members)
      • TSS Node Deployment
      • MPC Wallet Management on Cobo Custody Web
    • Web User Guide
      • Add TSS Node
      • Create MPC Wallet(s)
        • Send / Receive Wallet
          • Manage Coins
          • Create and Manage Wallet Addresses
          • Export Addresses
          • View Transactions
          • Configure Risk Control Policies
          • Manage API
          • Manage API Callbacks
          • Manage Settings
        • Web3 Wallet
          • Create and Manage Wallet Addresses
          • View NFTs
          • Access DApps
            • Cobo Connect
            • MetaMask Institutional
          • View Transactions
          • Manage Coins
          • Configure Risk Control Policies
          • Manage API
          • Manage API Callbacks
          • Manage Settings
    • TSS Node User Guide
      • Network Requirements
      • Server Environment Preparation
        • SGX-Ready Server
        • Off-The-Shelf Server
        • Apple MacBook
      • TSS Node Deployment
        • TSS Node Package
        • TSS Node Initialization
        • TSS Node Startup
        • TSS Node on Cobo Custody Web & MPC Root Extended Public Key Derivation
      • TSS Node Callback
        • TSS Node Callback Mechanism
        • Callback Server Requirements
          • Callback Server Examples
        • Callback Server Configuration
        • TSS Node Configuration & Callback Server Startup
      • TSS Node Update
      • TSS Node Release Notes
      • Appendix
        • TSS Node Configuration Methods
        • TSS Node Command Lines
        • TSS Node Risk Control
    • MPC Key Share User Guide
      • MPC Key Share Management
        • Backup
        • Restore
      • Disaster Recovery
        • Soft Key Recovery
        • Hard Key Recovery
        • Third Party Key Recovery
    • Supported Tokens and Chains
Powered by GitBook
LogoLogo
On this page
  1. Cobo MPC Co-Managed Custody

MPC-TSS Technology

PreviousCobo MPC Co-Managed CustodyNextQuick Start Guide

Last updated 1 year ago

Cobo MPC Co-Managed Custody leverages the MPC technology to implement a threshold signature scheme (TSS). Using MPC-TSS technology, private key shares are created simultaneously by each party in a secure environment. These parties can then jointly sign transactions without ever exposing their key shares or materializing a private key at any time.

As the private key that executes transactions never exists or lives in any devices — rather, it is a collectively generated value, the MPC-TSS setup removes any single point of failure, making key theft and internal fraud and collusion more challenging for bad actors. This design ensures no one party can unilaterally move funds. MPC-TSS allows institutions and individuals a more agile and adaptable system, which secures their private keys with greater innovation and lower costs.

TSS Node is a program (which executes algorithms) provided by Cobo for clients to manage their MPC key shares. Clients are recommended to adopt a 3-party custodian solution and a 2/3 signature scheme. Under this scheme, 3 MPC key shares will be generated independently by Cobo, client and the entrusted third party. Each transaction signing will require the participation of at least two parties.

  • TSS Node 1: managed by Cobo and must be kept online at all times

  • TSS Node 2: managed by a third party entrusted by the client; it will be used for disaster recovery and does not need to be kept online

  • TSS Node 3: managed by the client and must be kept online for transaction signing

As shown on the diagram above, Cobo MPC Co-Managed Custody will be integrated into the Cobo Custody platform. The main components in Cobo Custody’s operating environment are:

  • Cobo Custody Web: a user interface

  • API gateway: API client can be developed for integration with the Cobo MPC Co-Managed Custody APIs

  • Risk control: Cobo Custody provides clients with flexible and customizable risk control policies; clients can set up a risk control mechanism based on their business needs

  • TSS Node 1: managed by Cobo

The main components in a client’s operating environment are:

  • Manual configuration (e.g. adding and changing TSS Node ID)

  • API client: used for integration with Cobo MPC Co-Managed Custody APIs

  • TSS Node 3: managed by the client and configured on Cobo Custody Web; it will be used for transaction signing and must be kept online

  • Callback server: used for risk control implementation; TSS Node 3 will send a callback request to the server every time a client’s MPC key share is used; TSS Node 3 will only execute tasks if the response returned by the callback server is an approval

The main components in a third party's operating environment are:

  • TSS Node 2: managed by the third party and configured on Cobo Custody Web; it will be used for disaster recovery and does not need to be kept online

  • Callback server: used for risk control implementation; TSS Node 2 will send a callback request to the server every time the third party uses its MPC key share