Overview

MPC{dot}Snap is an innovative security suite that leverages Multiparty Computation to enhance account security beyond traditional hardware wallets. As exploits and attacks become increasingly sophisticated, keys with a single entry point are becoming more vulnerable. In the Polkadot ecosystem, hardware wallets don’t fully support all pallet functions, leaving many community members who store their keys digitally at greater risk.

Snaps was introduced to the public by Metamask in September 2023 and since then this architecture has been used for different use cases while providing users more functionalities with a similar experience and no learning curve. The biggest use case for Metamask Snaps so far is providing a compatibility layer for the non-EVM chains.

We already have the ‘Polkadot Wallet Snap by ChainSafe’ and ‘Polkagate Snap’ in the ecosystem providing just the compatibility layer for Substrate chains on Metamask. MPC{dot}Snap goes a step further. Instead of merely offering wallet compatibility, MPC{dot}Snap introduces a comprehensive suite of Snap-Dapp-App, offering a robust alternative to traditional hardware wallets through the power of Multiparty Computation. Hardware wallets become vulnerable once their keys or seeds are exposed. In contrast, compromising the MPC.Snap would require an attacker to breach two separate devices or access keys and seeds stored through two distinct methods or channels.

 

Impact

As MPC.Snap will support all the functionalities from existing pallets, overall it could turn out to be a better choice than hardware wallets, especially for community members who are looking to utilize the full potential of Polkadot ecosystem chains.

Outside of the EVM ecosystem, no other blockchain networks currently offer MPC-based Snap solutions. This presents a significant opportunity for the Polkadot ecosystem to introduce a leading, easily accessible, and highly secure wallet management solution. By doing so, Polkadot can not only enhance security for its users but also attract new users from other ecosystems, thanks to the minimal learning curve of the snap architecture inherited from Metamask.

In many regions, the cost of a phone is significantly lower than that of purchasing or importing a hardware wallet. This disparity creates a substantial barrier to accessible security for community members from various demographics and countries. MPC.Snap addresses this challenge by offering a more secure solution without any additional cost, as it can be utilized across two devices, with only one needing a camera. By lowering the entry barrier, MPC.Snap ensures that robust security is within reach for all users, regardless of their location or financial resources.

 

Project Details

MPC.Snap

MPC.Snap features an intuitive in-snap UI for conducting transfers and signing data, offering users a streamlined and efficient experience with or without companion dApp/UI. It securely holds the first key of the TSS {2,2} MPC pair, playing a critical role in our advanced security framework. Additionally, MPC.Snap is designed to be chain-agnostic, ensuring Polkadot ecosystem-wide support for all the substrate chains.

 

DApp

Our Dapp serves as the bridge between the MPC Snap and the mobile app, enabling a smooth pairing process. It’s built with user-friendliness in mind, providing easy onboarding and a guided pairing experience to ensure that users can set up their secure wallets in just a few simple steps. The recovery mode will also provide a guided experience for account backup & restore in case of device change. The DApp’s ‘Snap Store’ segment features all the snap-ready protocols from the Polkadot ecosystem, along with the support for convenient mini-apps.

 

Mobile Apps & SDK

The mobile apps, available on both Android and iOS, are designed for convenience and accessibility. Users can utilize either the front or back camera to scan the pairing QR code, ensuring a flexible and straightforward setup. With a focus on UX/UI, the app can support multiple accounts and holds the second key(s) of each TSS {2,2} MPC pair, working in tandem with MPC.Snap to provide unmatched security without a dedicated hardware requirement. The mobile SDK opens up a way for existing wallets to inherit the security of MPC.Snap with minimal effort.

 

sr25519-tss-js & ed25519-tss-js

This component is a powerful JavaScript library for two-party SR25519 MPC signing using FROST protocol, based on the proposed @noble/curves/sr25519 package by Paul Miller. The sr25519-tss-js library is not only crucial for our project but is also designed for reuse in other TSS {2,2} applications, making it a versatile tool for developers across the Polkadot ecosystem. Until the @noble/curves/sr25519 package by Paul Miller gets audited, we will use the existing @noble/curves/ed25519 to create the ed25519-tss-js package. So initially the MPC.Snap will be based on ed25519, while the sr25519 support will be added down the line before the public release.

 

Snap-readiness accelerator as a service

Snaps are not widely adopted by the Polkadot ecosystem projects, and most people are under the impression that snaps can be only used as wallets (but they can also be used for different use cases like mpc, accessibility, zk proofs, meta txs, analytics/visualization, automation actions, scheduling, etc.). We will have a weekly public working hour call (cohort) where projects from the whole Polkadot ecosystem can join and request to make their projects snap-compatible. If we don’t have any pending requests in a specific week, we will raise PRs ourselves to add snap compatibility to the remaining projects from the ecosystem.

 

Technical Flow

 

Team

Experience:

Edgetributor SubDAO is a collective of currently active solo contributors from the Edgeware DAO, one of the oldest substrate projects from the Polkadot ecosystem. The Edgetributors SubDAO members bring 3-4 years of Polkadot/Substrate ecosystem experience and expertise from different domains.

Our recent contribution to the ecosystem includes the Universal Substrate Faucet, widely adopted by numerous Polkadot projects and actively maintained by the Edgetributors SubDAO. Additionally, we have voluntarily curated the proposal to integrate the Polkadot ecosystem’s sr25519 curve into Paul Miller’s @noble/curves package, enhancing the scope for adoption by making the cryptographic capabilities more accessible in native JS/TS to developers.

Our expertise is further validated by our success in winning the Consensys track at the ETHforAll 2023 hackathon with our EdgeSnap project.

 

Ethos of Edgetributors SubDAO:

• Committed to developing generic/innovative substrate toolings and products.
• Upholding impartiality, with no preferential treatment towards Edgeware DAO.

Members:

• Shankar Warang
• C. Gagan Babu
• Pranav C Pawar
• Raj Raorane
• Rama Vats
• Ashutosh Sahu
  
  

Budget and Timeline

We plan to deliver the MPC Dot Snap within 6 months, ensuring full development and deployment. Post-launch, we will provide maintenance and support for an additional 6 months, all within the current budget framework.

The distribution as per the components:

• MPC.Snap
  • Estimated duration: 2 Months
  • Costs: 60000 USD
  • Deliverables: MPC engine (initiator), In-snap UI, Ecosystem-wide support with network/metadata/types handlers
• DApp
  • Estimated duration: 1 Month
  • Costs: 28000 USD
  • Deliverables: Pairing engine with database handler, Recovery mode, Snap store
• Mobile Apps and SDK
  • Estimated duration: 2 Months
  • Costs: 54000 USD
  • Deliverables: Android and iOS apps, Mobile SDK, MPC engine (listener), extrinsic visualizer
• sr25519-tss-js and ed25519-tss-js packages
  • Estimated duration: 1 Month
  • Costs: 26000 USD
  • Deliverables: Split KeyGen/Signing/KeySharing/zkProofs, two-round FROST implementation
• Maintenance and snap-readiness accelerator as a service
  • Estimated duration: 6 Months (after development)
  • Costs: 24000 USD
  • Deliverables: Regular maintenance of all 4 components, weekly snap-readiness cohorts, commitment towards JAM & Parachain-Service support

To successfully execute this project, we request a total budget of 192K USD.

This budget will cover the entire development phase, as well as the 6-month maintenance period, ensuring the project's smooth operation and integration into the Polkadot ecosystem on different levels.

Total: 192000 USDT

Multisig: 14XNJmoUzkvmh9cYoqG4axBRR4BWzWRbnFP79oiZgKu7V9bz

Benefits to Community

• Easily accessible security: Experience top-tier security without the cost barrier—better protection than hardware wallets, with zero expense. No need to worry about limited availability or steep import fees.
• Familiar Metamask experience: For those transitioning into the Polkadot ecosystem, enjoy the familiar feel of Metamask, while also benefiting from seamless, human-readable decoded details for extrinsics directly on the app.
• Priority assistance and custom feature implementations: The community gets priority support and tailored feature implementations at no extra cost—as we have done for the Universal Substrate Faucet our previous project for the Polkadot Ecosystem, whether it's chain-specific landing pages as requested by Integritee Network, permissioned chain support for Polymesh, or pre-filled address URLs, we've got you covered.
• Modular reusability: The sr25519-tss-js and ed25519-tss-js packages can be used by any other ecosystem projects looking to implement the MPC(2,2) protocol. And the mobile SDK will allow any existing wallets to add support for MPC.Snap with minimal efforts, making the robust security accessible to their users.
  
  

Call to action

We invite the Polkadot community to support this initiative. Your feedback and suggestions are crucial to refining and successfully implementing this project. Please share your thoughts and let us know how we can make this project a valuable resource for everyone.