Part 3: What can Blockchain do for MPC?
By Jesper Buus Nielsen, Professor and Chief Cryptographic System Designer, Partisia
In the third and final part of our MPC and blockchain blog series, we will take a look at what blockchain can do for MPC. The short answer is orchestration. Blockchain can solve a lot of mundane but very hard problems around orchestrating the setup and execution of an MPC solution.
The first commercial use of MPC was carried out by Partisia in January 2008. It was a decentralized exchange for contracts for future production on a commodity market. Since then, Partisia has been developing and selling MPC solutions to a wide range of markets. Some mundane problems are recurring.
Selecting Independent MPC Nodes
Using MPC always involves several independent servers. The security of MPC comes from the distribution across independent machines, so it does not make sense to have the same entity run all the servers. Practice shows that when setting up MPC solutions finding independent entities willing to set up and maintain servers is a surprisingly big hurdle. You end up having to sell one solution to multiple buyers while asking them to partially host it themselves. This is where Blockchain comes in. Instead of having the stakeholders of the auction set up servers, we can let a pool of MPC nodes be part of the blockchain alongside the baker nodes. When an MPC is to be run, the blockchain will provide the MPC software and then sample a set of MPC nodes for running the MPC.
Orchestrating Service Execution
Once the MPC nodes have been selected and set up, the service actually has to be run. This involves deciding when the MPC nodes should connect, when enough inputs have been collected to run the service, when to upload data, when to begin computing, and how to be agile in the case of crashes or dropped connections. Such orchestration is surprisingly hard in distributed systems, and basically boils down to the problem of distributed consensus or totally-ordered broadcast. All MPC protocols also use totally-ordered broadcast as an essential tool internally in their protocols to mitigate malicious or accidental inconsistencies. Conveniently, the blockchain can act as a totally-ordered broadcast channel which allows to orchestrate the execution of the MPC service. In fact, a large part of the claim to fame of the Bitcoin blockchain was that for the first time it solved the totally-ordered broadcast distributed problem in widely distributed peer-to-peer networks.
Recording Output and Moving Assets
When an MPC service has run it only outputs signals to the MPC nodes. In many cases these signals define some assets which should change ownership. The item of the auction should be exchanged for some currency say. Ownership of these assets cannot be moved by the MPC, they have to be transferred separately. If the buyer of an item refuses to pay for an item or a seller refuses to have sold an item, a legal dispute may arise. Setting up the contracts to handle this can be surprisingly cumbersome. Again, this is where blockchain can be useful. When running on a blockchain, the MPC can record the outcome on the blockchain itself. To go one step further, if the assets live on the blockchain it can even atomically transfer ownership of the involved assets directly on-chain.
Ecosystem
Finally, blockchain can provide MPCs with an ecosystem. It is difficult for one MPC to interact with other MPCs. They might not exist at the same point in time or be aware of what happens inside on the other MPCs. By hosting MPCs as privacy-preserving smart contracts the MPCs can plug into the strong ecosystem of blockchains.
This ecosystem can be used to maintain a reputation system for MPC nodes. Another technique facilitated by the ecosystem is to use escrowed coins on the blockchain to punish MPC nodes if they misbehave. Punishing cheating servers is interesting as it makes it easier to keep a majority of the servers honest. Punishing misbehaving MPC nodes in the pre-blockchain age was hard. An “off-chain” legal framework had to be set up and cheating somehow had to be proven to this legal framework. In the blockchain age punishing misbehaving servers is as easy as writing a smart contract.
The Perfect Match of the Crypto World
The first commercial use of MPC happened in January 2008. Bitcoin was introduced one year later in January 2009. Since then both technologies have matured immensely and are now converging. MPC helps blockchain with its privacy problems, while blockchain helps orchestrate MPC.
This merger of MPC and blockchain gives us fully programmable money, contracts, and data processing in a privacy preserving manner. In later posts we will dive more into details on how this is achieved by Partisia Blockchain and the services it enables.
About the author
Jesper is Professor in Computer Science at Aarhus University and also one of the co-founders of Partisia and Sepior. He is one of the top cited and publishing researchers in secure multiparty computation. Jesper’s primary research areas are secure multiparty computation, distributed consensus, and universal composability.
