MPC vs. AA

In the history of blockchain / crypto, there is always a tradeoff between security and usability. Multi-Party Computation (MPC) and Account Abstraction (AA) each offer unique and innovative solutions to safeguard transactions. MPC distributes sensitive data across multiple parties so that no one entity possesses full control, while AA simplifies user interactions with wallets by abstracting complex cryptographic operations. The debate today is all about MPC vs. AA, but they are really more complementary technologies. Below I'll explore what the crypto wallet stack looks like, what each technology is all about, and the pros and cons.

The Wallet Stack

  1. User Interface

  2. Authentication - confirm ownership

  3. Transaction Formation - contract, parameters, gas

  4. Transaction Verification - confirm that this is what you want to do

  5. Transaction Signing

  6. Node Infra - submitting the tx to the chain

In the past, you could only transfer and hold cryptocurrencies. You could only interact with balances and transfers. When ERC-20s came about, we could support multiple assets, and we got Metamask. But then in the latest crypto boom, we now support several DeFi use cases and NFTs and have even more wallet options.

Modern Wallet Examples

  • Vertical specific wallets e.g. supporting certain Dapps

  • Wallets that integrate into protocols for specific functions e.g. NFT purchases

Wallets are specializing left and right, the great unbundling and rebundling trend that we've seen in Web2 tech. This means that crypto is expanding outside of the early adopters and entering the realm of the "rest of the world". What will be most accessible to mainstream users though? Is this the first rebundling we are seeing in crypto? Are the lower infra layers mature enough to support a solid application layer?

I'll explore MPC and AA, two separate ideas that have arisen in the latest wallet innovation.


"Not your keys, not your coins" has resulted in $100bn+ lost / stolen for a decade now. Lost seed phrases or private keys is super stressful and inhibits mainstream adoption. The tech itself is actually many years old, but applying the tech to crypto wallets is a new phenomenon.

Fireblocks is the "gold standard" for MPC cryptography and custody, but they serve institutions. Coinbase also announced support for an MPC-powered Dapp browser insider their wallet. But the littler businesses and everyday users deserve the same security and simplicity!

The status quo for the rest of us is either to 1) self custody with private keys, using an on chain wallet or 2) custody in a CEX, giving up control and on chain access for someone else to manage the security.

MPC is a bit of a hybrid. The concept is that 2+ parties jointly compute a function without revealing their inputs. In crypto, this means being able to manage keys without a single point of vulnerability (e.g. losing a seed phrase), where multiple parties (like a phone or server) can perform all the cryptographic calculations necessary (like tx signatures / verification), without any of them revealing their secrets. Even if there is an attacker, they can't access all your "secret shares" at the same time. There are no private keys / seed phrases involved with MPC.

MPC enables on chain asset management systems without a single point of failure, increasing security for self custody options (no private keys can be stolen) and overall key loss (each party can back up their secrets individually without sharing or compromising the system).


  • Easy to recover - no more lost or stolen seed phrases

  • No single point of failure

  • Off-chain cryptography

  • End user has no costs

  • Chain agnostic (multi sigs do not support every blockchain) - operates in the mathematical layer and therefore can be applied across many different blockchain


  • More computational overhead - could be slower and more expensive. Harder to do atomic transactions.

  • Hard to pre-fund transactions programmatically on-chain

If MPC goes more mainstream, people can have many different wallets to store their assets instead of putting all your eggs in 1 basket.

Sample MPC wallets

  • Fireblocks

  • Coinbase

  • ZenGo - consumer facing

MPC vs Multisig

Multisig wallets are NOT protocol agnostic (or rather very difficult to do so) and are inflexible from an operational standpoint e.g. transferring digital assets. Multisig is more about multiplying your keys and giving everyone a set while MPC is about giving everyone a different key.


Issues with Self Custody

There are 2 types of Ethereum accounts

1) External Accounts

External accounts cost nothing to create, can initiate transactions, need a cryptographic pair of keys, and typically only move money in ETH between externally owned accounts. For example, MetaMask is an EOA.

2) Contract Accounts

Because you are using network storage, there is a price to creating a contract account. You can only send transactions in response to receiving one, and there are no private keys as the account is controlled by code.

I'll focus on external accounts because it is what is relevant to AA.

When a transaction is executed by the EVM, the first account touched must be an external account, and the corresponding amount must pay a fee to the miner for the execution. The account's address is derived from the signer's public key for authorization. When the transaction and signature is received, the EVM will verify the validity, the nonces, and then deduct the transaction fee from the balance.

The issues with this are that the process relies entirely on your private key because your account = your private key. And hardware wallets are not scalable. Hence, the key needs to be decoupled from from the account.

Account abstraction increases flexibility of wallet accounts by turning the accounts into smart contracts, to determine with their own logic, what a valid transaction is.

Historical state of affairs

Firstly, Ethereum is already scaled to the point that it's not so easy to just implement any protocol change. Think about how long it took to get the Shapella upgrade! Smart contract wallets live on chain where the native account is the EOA, and putting smart contracts on L1 requires a heavier lift to emulate account abstraction. The entire Ethereum ecosystem is built around EOAs, so smart contract wallets are definitely the irrelevant little sibling. Few dApps are compatible.

In 2020, there was EIP2938 which enabled smart contracs to act as top level accounts. But this was still rather simple and couldn't incorporate nonce abstraction. Furthermore, it did not replace / remove externally owned accounts.

EIP3074 then came along, making existing EOA accounts act more like smart contracts because users could delegate control of their account to a contract. There were also 2 new opcodes, where the target smart contract invoker sends transactions as if it was the EOA. In this situation, users of external accounts could benefit from AA features without transferring their assets. However, there were security tradeoffs, and still, it did not fix the fact that it was still inherently an EOA.

EIP4337 is the most recent amendment and the most favored one. It makes writing and operating smart contract wallets on Ethereum much simpler because users don't make transactions. Rather the instructions are bundled to miners, and then sent to a contract for execution. Any developer can write custom smart contract wallets. However, still no protocol changes.


  • On-chain

  • Atomic transactions - Bundle multiple transactions into 1, and then execute a sequence of operations in 1 atomic transaction. For example, instead of approving 2 tokens to swap on Uniswap with multiple approvals, now you can just approve once and have 1 transactions. Reduce fees, increase speed, and increase security!

  • Can pre-fund to do gasless transactions

  • Social Recovery - With no more seed phrases, now people are more protected if their account is compromised or they lose their account. Now you can authorize a new key as the legitimate wallet owner e.g. a trusted contact or third party service.

  • MFA - require signatures from multiple keys. Whereas in multi sig wallets there lacks the ability to customize, now you can define a spending parameter and add governance

  • Flexible fee payments - pay in any token

  • Session Keys - pre-approve rules for interacting with a dApp e.g. how much can be spend in what amount of time. No more needing to sign each transaction separately! The user experience improves and risk declines.

  • Additional signing schemes - right now the status quo is ECDSA. Other options can include secure enclave such as using your phone as a hardware wallet. Increase efficiency and reduce gas on signatures.


  • Still limited to Ethereum / EVM ecosystem, not applicable to Bitcoin -> Not chain agnostic; implementations are on a chain by chain basis

  • New architecture requires all wallets to send transactions to a global entry point contract, which means that this point contact better be well protected

  • On chain costs can really rack up due to the cost to deploy and upgrade

  • Logic upgrade processes = smart contract upgrade processes

The same fruit basket

So really as you can see, MPC and AA are apples and oranges that belong in the same fruit basket. As an example, you can create a wallet. Use MPC to decompose the keypairs, and distribute. AA can then permit an external service to automatically withdraw funds without every single person signing off. Set daily limits and parameters.

Overall you can see that there is increased security, speed, and customization when you combine AA and MPC!,Application%20Processor%20kernel%20becomes%20compromised.